Schema SecurityOverlay.xsd


schema location SecurityOverlay.xsd
attributeFormDefault
elementFormDefault qualified
targetNamespace https://sabsa.org/the-sabsa-institute
 


schema location sabsa\Contextual.xsd
attributeFormDefault
elementFormDefault qualified
targetNamespace https://sabsa.org/the-sabsa-institute
 
Elements  Complex types  Simple types 
Regulation  Article  PrincipalType 
DataSubject 
Loss 
Principal 
SLA 
Standard 
ThreatAgent 
ValueChain 


schema location sabsa\Conceptual.xsd
attributeFormDefault
elementFormDefault qualified
targetNamespace https://sabsa.org/the-sabsa-institute
 
Complex types  Simple types  Attr. groups 
Authorisation  AttributeDomain  cveAttributes 
ComplianceObjective  MetricType  RiskAttributes 
Control 
ControlObjective 
Credential 
Defect 
EmbeddedMetric 
Exception 
Impact 
Metric 
Risk 
SABSAAttribute 
SecurityDomain 
SecurityEvent 
Threat 
Trust 
Vulnerability 


schema location sabsa\Logical.xsd
attributeFormDefault
elementFormDefault qualified
targetNamespace https://sabsa.org/the-sabsa-institute
 
Complex types  Simple types 
Account  AccountType 
Malware 


schema location sabsa\Physical.xsd
attributeFormDefault
elementFormDefault qualified
targetNamespace https://sabsa.org/the-sabsa-institute
 
Complex types  Attr. groups 
Data  TechBehaviourAttributes 
Executable 
TechnologyFunction 
TechnologyInteraction 
TechnologyProcess 
TechnologyService 


schema location sabsa\Relationships.xsd
attributeFormDefault
elementFormDefault qualified
targetNamespace https://sabsa.org/the-sabsa-institute
 
Complex types  Simple types 
Conceptualisation  RACIType 
RACI 
Realisation 
trusts 


schema location custom\Custom.xsd
attributeFormDefault
elementFormDefault qualified
targetNamespace https://sabsa.org/custom
 
Complex types  Simple types 
CodeAuthenticity  AcidProperties 
HumanInterfaceTyoe  AcquisitionType 
IntegerRange  AnonymityProtection 
MachineInterfaceTyoe  ApplicationRoleType 
PII  BusinessInterfaceType 
ProbabilityDist  confidentialityClassification 
ProtectionProfile  ConfidentialityProtection 
Value  ControlApplicability 
ControlBaseline 
ControlStatus 
ControlStrength 
CredentialType 
DataType 
DaysOfWeek 
InterfaceExposure 
MalwareType 
OriginAssurance 
PatchStatusType 
piiClassification 
PIILegalBasis 
Priority 
PrivilegeType 
QualitativeScale 
SegregationType 
TamperProtection 
UserType 
ValueType 


schema location tog\ArchiMate.xsd
attributeFormDefault
elementFormDefault qualified
targetNamespace http://www.opengroup.org/xsd/archimate/3.1
 


schema location tog\Business.xsd
attributeFormDefault
elementFormDefault qualified
targetNamespace http://www.opengroup.org/xsd/archimate/3.1
 
Complex types  Simple types  Attr. groups 
BusinessActor  ActorType  BehaviourAttributes 
BusinessCollaboration  RoleType 
BusinessFunction  SODType 
BusinessInteraction 
BusinessInterface 
BusinessObject 
BusinessProcess 
BusinessRole 
BusinessService 
Event 
ServiceHours 


schema location tog\Motivation.xsd
attributeFormDefault
elementFormDefault qualified
targetNamespace http://www.opengroup.org/xsd/archimate/3.1
 
Complex types 
Constraint 
Requirement 
Value 


schema location tog\Technology.xsd
attributeFormDefault
elementFormDefault qualified
targetNamespace http://www.opengroup.org/xsd/archimate/3.1
 
Complex types  Attr. groups 
Node  TechBehaviourAttributes 
SystemSoftware 
TechnologyFunction 
TechnologyInteraction 
TechnologyInterface 
TechnologyProcess 
TechnologyService 


schema location tog\Logical.xsd
attributeFormDefault
elementFormDefault qualified
targetNamespace http://www.opengroup.org/xsd/archimate/3.1
 
Complex types  Attr. groups 
ApplicationComponent  AppBehaviourAttributes 
ApplicationFunction 
ApplicationInteraction 
ApplicationInterface 
ApplicationProcess 
ApplicationService 
DataObject 


schema location tog\Relationships.xsd
attributeFormDefault
elementFormDefault qualified
targetNamespace http://www.opengroup.org/xsd/archimate/3.1
 
Complex types  Simple types 
Access  AccessModifier 
Aggregation  AccessType 
Assignment 
Association 
Composition 
Serving 


schema location tog\Other.xsd
attributeFormDefault
elementFormDefault qualified
targetNamespace http://www.opengroup.org/xsd/archimate/3.1
 
Complex types 
Grouping 
Location 


schema location BaseElement.xsd
attributeFormDefault
elementFormDefault qualified
targetNamespace http://www.opengroup.org/xsd/archimate/3.1
 
Complex types 
BaseElement 


schema location BaseRelationship.xsd
attributeFormDefault
elementFormDefault qualified
targetNamespace http://www.opengroup.org/xsd/archimate/3.1
 
Complex types 
BaseRelationship 


element Regulation
diagram SecurityOverlay_p1.png
namespace https://sabsa.org/the-sabsa-institute
type extension of tsi:Standard
properties
content complex
children tog:name tog:description
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
stereotypeOf  xs:QName      tog:Representation  
namespace  xs:NMTOKEN  required      
publisher  xs:string  required      
sourceURL  xs:anyURI  required      
version  xs:string  required      
publishDate  xs:date  required      
expiryDate  xs:date  optional      
effectiveDate  xs:date  optional      
source <xs:element name="Regulation">
 
<xs:complexType>
   
<xs:complexContent>
     
<xs:extension base="tsi:Standard">
       
<xs:attribute name="effectiveDate" type="xs:date" use="optional"/>
     
</xs:extension>
     
<!-- The date at which the regulation becomes effective -->
   
</xs:complexContent>
 
</xs:complexType>
</xs:element>

attribute Regulation/@effectiveDate
type xs:date
properties
use optional
source <xs:attribute name="effectiveDate" type="xs:date" use="optional"/>

complexType Article
diagram SecurityOverlay_p2.png
namespace https://sabsa.org/the-sabsa-institute
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
stereotypeOf  xs:QName      tog:Principle  
namespace  xs:string  required      
refCode  xs:NMTOKEN  required      
annotation
documentation
Properties to identify and reference an Article in a Regulation
source <xs:complexType name="Article">
 
<xs:annotation>
   
<xs:documentation>Properties to identify and reference an Article in a Regulation</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Principle"/>
     
<xs:attribute name="namespace" type="xs:string" use="required"/>
     
<xs:attribute name="refCode" type="xs:NMTOKEN" use="required"/>
   
</xs:extension>
   
<!--a namespace indicating the source of the Control Objective -->
   
<!--a reference code that uniquely identifies the Control Objective within the namespace-->
 
</xs:complexContent>
</xs:complexType>

attribute Article/@stereotypeOf
type xs:QName
properties
fixed tog:Principle
source <xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Principle"/>

attribute Article/@namespace
type xs:string
properties
use required
source <xs:attribute name="namespace" type="xs:string" use="required"/>

attribute Article/@refCode
type xs:NMTOKEN
properties
use required
source <xs:attribute name="refCode" type="xs:NMTOKEN" use="required"/>

complexType DataSubject
diagram SecurityOverlay_p3.png
namespace https://sabsa.org/the-sabsa-institute
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description tsi:population tsi:populationRange
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
stereotypeOf  xs:QName      tog:BusinessActor  
type  tog:ActorType      HUMAN  
isDataSubject  xs:boolean      true  
reviewPeriod  xs:duration  optional      
annotation
documentation
Stereotypes a Business Actor with properties for a Data Subject
source <xs:complexType name="DataSubject">
 
<xs:annotation>
   
<xs:documentation>Stereotypes a Business Actor with properties for a Data Subject</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:sequence>
       
<xs:choice minOccurs="1" maxOccurs="1">
         
<xs:element name="population" type="xs:float"/>
         
<xs:element name="populationRange" type="custom:IntegerRange"/>
       
</xs:choice>
     
</xs:sequence>
     
<xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:BusinessActor"/>
     
<xs:attribute name="type" type="tog:ActorType" fixed="HUMAN"/>
     
<xs:attribute name="isDataSubject" type="xs:boolean" fixed="true"/>
     
<xs:attribute name="reviewPeriod" type="xs:duration" use="optional"/>
   
</xs:extension>
 
</xs:complexContent>
</xs:complexType>

attribute DataSubject/@stereotypeOf
type xs:QName
properties
fixed tog:BusinessActor
source <xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:BusinessActor"/>

attribute DataSubject/@type
type tog:ActorType
properties
fixed HUMAN
facets
Kind Value Annotation
enumeration HUMAN
enumeration ORGANISATIONAL
source <xs:attribute name="type" type="tog:ActorType" fixed="HUMAN"/>

attribute DataSubject/@isDataSubject
type xs:boolean
properties
fixed true
source <xs:attribute name="isDataSubject" type="xs:boolean" fixed="true"/>

attribute DataSubject/@reviewPeriod
type xs:duration
properties
use optional
source <xs:attribute name="reviewPeriod" type="xs:duration" use="optional"/>

element DataSubject/population
diagram SecurityOverlay_p4.png
namespace https://sabsa.org/the-sabsa-institute
type xs:float
properties
content simple
source <xs:element name="population" type="xs:float"/>

element DataSubject/populationRange
diagram SecurityOverlay_p5.png
namespace https://sabsa.org/the-sabsa-institute
type custom:IntegerRange
properties
content complex
children custom:min custom:mode custom:max
source <xs:element name="populationRange" type="custom:IntegerRange"/>

complexType Loss
diagram SecurityOverlay_p6.png
namespace https://sabsa.org/the-sabsa-institute
type extension of tog:Value
properties
base tog:Value
children tog:name tog:description tog:valuation tog:valueDistribution
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
valueType  custom:ValueType  required      
currencyUnits  xs:NMTOKEN  optional      
currencyCode  xs:NMTOKEN  optional      
rating  custom:QualitativeScale  optional      
stereotypeOf  xs:QName      tog:Value  
annotation
documentation
Defines the financial losses in respect to Asset Value
source <xs:complexType name="Loss">
 
<xs:annotation>
   
<xs:documentation>Defines the financial losses in respect to Asset Value</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:Value">
     
<xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Value"/>
   
</xs:extension>
 
</xs:complexContent>
</xs:complexType>

attribute Loss/@stereotypeOf
type xs:QName
properties
fixed tog:Value
source <xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Value"/>

complexType Principal
diagram SecurityOverlay_p7.png
namespace https://sabsa.org/the-sabsa-institute
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
stereotypeOf  xs:QName      tog:BusinessActor  
type  tsi:PrincipalType    HUMAN    
identityAssurance  custom:ControlBaseline    STANDARD    
annotation
documentation
Principals are the Conceptual representation of Actors having an Account on the system
source <xs:complexType name="Principal">
 
<xs:annotation>
   
<xs:documentation>Principals are the Conceptual representation of Actors having an Account on the system</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:BusinessActor"/>
     
<xs:attribute name="type" type="tsi:PrincipalType" default="HUMAN"/>
     
<xs:attribute name="identityAssurance" type="custom:ControlBaseline" default="STANDARD"/>
   
</xs:extension>
 
</xs:complexContent>
</xs:complexType>

attribute Principal/@stereotypeOf
type xs:QName
properties
fixed tog:BusinessActor
source <xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:BusinessActor"/>

attribute Principal/@type
type tsi:PrincipalType
properties
default HUMAN
facets
Kind Value Annotation
enumeration HUMAN
enumeration ORGANISATIONAL
enumeration TECHNICAL
source <xs:attribute name="type" type="tsi:PrincipalType" default="HUMAN"/>

attribute Principal/@identityAssurance
type custom:ControlBaseline
properties
default STANDARD
facets
Kind Value Annotation
enumeration STANDARD
enumeration ENHANCED
enumeration ASSURED
source <xs:attribute name="identityAssurance" type="custom:ControlBaseline" default="STANDARD"/>

complexType SLA
diagram SecurityOverlay_p8.png
namespace https://sabsa.org/the-sabsa-institute
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
stereotypeOf  xs:QName      tog:Contract  
reactionTime  xs:duration  optional      
resolutionTime  xs:duration  optional      
useLimit  xs:nonNegativeInteger  optional      
annotation
documentation
A Service Level Agreement represents Contract commitments to the Consumer for a Business Service
source <xs:complexType name="SLA">
 
<xs:annotation>
   
<xs:documentation>A Service Level Agreement represents Contract commitments to the Consumer for a Business Service</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Contract"/>
     
<xs:attribute name="reactionTime" type="xs:duration" use="optional"/>
     
<xs:attribute name="resolutionTime" type="xs:duration" use="optional"/>
     
<xs:attribute name="useLimit" type="xs:nonNegativeInteger" use="optional"/>
   
</xs:extension>
   
<!-- The committed time to respond to a service request -->
   
<!-- The committed time to resolve / complete a service request -->
   
<!-- Evaluation of any limit on the frequency that the service may be used-->
 
</xs:complexContent>
</xs:complexType>

attribute SLA/@stereotypeOf
type xs:QName
properties
fixed tog:Contract
source <xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Contract"/>

attribute SLA/@reactionTime
type xs:duration
properties
use optional
source <xs:attribute name="reactionTime" type="xs:duration" use="optional"/>

attribute SLA/@resolutionTime
type xs:duration
properties
use optional
source <xs:attribute name="resolutionTime" type="xs:duration" use="optional"/>

attribute SLA/@useLimit
type xs:nonNegativeInteger
properties
use optional
source <xs:attribute name="useLimit" type="xs:nonNegativeInteger" use="optional"/>

complexType Standard
diagram SecurityOverlay_p9.png
namespace https://sabsa.org/the-sabsa-institute
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description
used by
element Regulation
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
stereotypeOf  xs:QName      tog:Representation  
namespace  xs:NMTOKEN  required      
publisher  xs:string  required      
sourceURL  xs:anyURI  required      
version  xs:string  required      
publishDate  xs:date  required      
expiryDate  xs:date  optional      
annotation
documentation
Properties to identify and reference an external standard
source <xs:complexType name="Standard">
 
<xs:annotation>
   
<xs:documentation>Properties to identify and reference an external standard</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Representation"/>
     
<xs:attribute name="namespace" type="xs:NMTOKEN" use="required"/>
     
<xs:attribute name="publisher" type="xs:string" use="required"/>
     
<xs:attribute name="sourceURL" type="xs:anyURI" use="required"/>
     
<xs:attribute name="version" type="xs:string" use="required"/>
     
<xs:attribute name="publishDate" type="xs:date" use="required"/>
     
<xs:attribute name="expiryDate" type="xs:date" use="optional"/>
   
</xs:extension>
   
<!-- The namespace of the Publisher / Standards body -->
   
<!-- The name of the Publisher / Standards body -->
   
<!-- A URL to locate the source document -->
   
<!-- Identification of version of the Standard - not necessarily a number -->
   
<!-- The date of publication -->
   
<!-- The date at which it is superseded / withdrawn / no longer effective -->
 
</xs:complexContent>
</xs:complexType>

attribute Standard/@stereotypeOf
type xs:QName
properties
fixed tog:Representation
source <xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Representation"/>

attribute Standard/@namespace
type xs:NMTOKEN
properties
use required
source <xs:attribute name="namespace" type="xs:NMTOKEN" use="required"/>

attribute Standard/@publisher
type xs:string
properties
use required
source <xs:attribute name="publisher" type="xs:string" use="required"/>

attribute Standard/@sourceURL
type xs:anyURI
properties
use required
source <xs:attribute name="sourceURL" type="xs:anyURI" use="required"/>

attribute Standard/@version
type xs:string
properties
use required
source <xs:attribute name="version" type="xs:string" use="required"/>

attribute Standard/@publishDate
type xs:date
properties
use required
source <xs:attribute name="publishDate" type="xs:date" use="required"/>

attribute Standard/@expiryDate
type xs:date
properties
use optional
source <xs:attribute name="expiryDate" type="xs:date" use="optional"/>

complexType ThreatAgent
diagram SecurityOverlay_p10.png
namespace https://sabsa.org/the-sabsa-institute
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description tsi:population tsi:populationRange
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
stereotypeOf  xs:QName      tog:BusinessActor  
type  tsi:PrincipalType    HUMAN    
isDataSubject  xs:boolean      false  
annotation
documentation
Threat Agents are malicious Actors: human, organisational or entities
source <xs:complexType name="ThreatAgent">
 
<xs:annotation>
   
<xs:documentation>Threat Agents are malicious Actors: human, organisational or entities</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:sequence>
       
<xs:choice minOccurs="1" maxOccurs="1">
         
<xs:element name="population" type="xs:float"/>
         
<xs:element name="populationRange" type="custom:IntegerRange"/>
       
</xs:choice>
     
</xs:sequence>
     
<xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:BusinessActor"/>
     
<xs:attribute name="type" type="tsi:PrincipalType" default="HUMAN"/>
     
<xs:attribute name="isDataSubject" type="xs:boolean" fixed="false"/>
   
</xs:extension>
 
</xs:complexContent>
</xs:complexType>

attribute ThreatAgent/@stereotypeOf
type xs:QName
properties
fixed tog:BusinessActor
source <xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:BusinessActor"/>

attribute ThreatAgent/@type
type tsi:PrincipalType
properties
default HUMAN
facets
Kind Value Annotation
enumeration HUMAN
enumeration ORGANISATIONAL
enumeration TECHNICAL
source <xs:attribute name="type" type="tsi:PrincipalType" default="HUMAN"/>

attribute ThreatAgent/@isDataSubject
type xs:boolean
properties
fixed false
source <xs:attribute name="isDataSubject" type="xs:boolean" fixed="false"/>

element ThreatAgent/population
diagram SecurityOverlay_p11.png
namespace https://sabsa.org/the-sabsa-institute
type xs:float
properties
content simple
source <xs:element name="population" type="xs:float"/>

element ThreatAgent/populationRange
diagram SecurityOverlay_p12.png
namespace https://sabsa.org/the-sabsa-institute
type custom:IntegerRange
properties
content complex
children custom:min custom:mode custom:max
source <xs:element name="populationRange" type="custom:IntegerRange"/>

complexType ValueChain
diagram SecurityOverlay_p13.png
namespace https://sabsa.org/the-sabsa-institute
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description tsi:materialCost tsi:processingCost tsi:secondaryCost tsi:finalValue tsi:margin
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
stereotypeOf  xs:QName      tog:Value  
valueType  custom:ValueType      FINANCIAL  
currencyUnits  xs:NMTOKEN  optional      
currencyCode  xs:NMTOKEN  optional      
annotation
documentation
Defines the composition of financial values in a Value Chain
source <xs:complexType name="ValueChain">
 
<xs:annotation>
   
<xs:documentation>Defines the composition of financial values in a Value Chain</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:sequence>
       
<xs:element name="materialCost" type="custom:Value" minOccurs="0" maxOccurs="1"/>
       
<xs:element name="processingCost" type="custom:Value" minOccurs="0" maxOccurs="1"/>
       
<xs:element name="secondaryCost" type="custom:Value" minOccurs="0" maxOccurs="1"/>
       
<xs:element name="finalValue" type="custom:Value" minOccurs="0" maxOccurs="1"/>
       
<xs:element name="margin" type="custom:Value" minOccurs="0" maxOccurs="1"/>
     
</xs:sequence>
     
<xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Value"/>
     
<xs:attribute name="valueType" type="custom:ValueType" fixed="FINANCIAL"/>
     
<xs:attribute name="currencyUnits" type="xs:NMTOKEN" use="optional"/>
     
<xs:attribute name="currencyCode" type="xs:NMTOKEN" use="optional"/>
   
</xs:extension>
   
<!-- Currency units e.g 1, 1000, 1000000 to be applied to the ALE distribution-->
   
<!-- Currency code as defined in ISO 4217-->
 
</xs:complexContent>
</xs:complexType>

attribute ValueChain/@stereotypeOf
type xs:QName
properties
fixed tog:Value
source <xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Value"/>

attribute ValueChain/@valueType
type custom:ValueType
properties
fixed FINANCIAL
facets
Kind Value Annotation
enumeration FINANCIAL
enumeration PRODUCTIVITY
enumeration RESPONSE
enumeration REPLACEMENT
enumeration REGULATORY
enumeration COMPETITIVE
enumeration REPUTATION
source <xs:attribute name="valueType" type="custom:ValueType" fixed="FINANCIAL"/>

attribute ValueChain/@currencyUnits
type xs:NMTOKEN
properties
use optional
source <xs:attribute name="currencyUnits" type="xs:NMTOKEN" use="optional"/>

attribute ValueChain/@currencyCode
type xs:NMTOKEN
properties
use optional
source <xs:attribute name="currencyCode" type="xs:NMTOKEN" use="optional"/>

element ValueChain/materialCost
diagram SecurityOverlay_p14.png
namespace https://sabsa.org/the-sabsa-institute
type custom:Value
properties
minOcc 0
maxOcc 1
content complex
attributes
Name  Type  Use  Default  Fixed  Annotation
units  xs:NMTOKEN  required      
currencyCode  xs:NMTOKEN  optional      
source <xs:element name="materialCost" type="custom:Value" minOccurs="0" maxOccurs="1"/>

element ValueChain/processingCost
diagram SecurityOverlay_p15.png
namespace https://sabsa.org/the-sabsa-institute
type custom:Value
properties
minOcc 0
maxOcc 1
content complex
attributes
Name  Type  Use  Default  Fixed  Annotation
units  xs:NMTOKEN  required      
currencyCode  xs:NMTOKEN  optional      
source <xs:element name="processingCost" type="custom:Value" minOccurs="0" maxOccurs="1"/>

element ValueChain/secondaryCost
diagram SecurityOverlay_p16.png
namespace https://sabsa.org/the-sabsa-institute
type custom:Value
properties
minOcc 0
maxOcc 1
content complex
attributes
Name  Type  Use  Default  Fixed  Annotation
units  xs:NMTOKEN  required      
currencyCode  xs:NMTOKEN  optional      
source <xs:element name="secondaryCost" type="custom:Value" minOccurs="0" maxOccurs="1"/>

element ValueChain/finalValue
diagram SecurityOverlay_p17.png
namespace https://sabsa.org/the-sabsa-institute
type custom:Value
properties
minOcc 0
maxOcc 1
content complex
attributes
Name  Type  Use  Default  Fixed  Annotation
units  xs:NMTOKEN  required      
currencyCode  xs:NMTOKEN  optional      
source <xs:element name="finalValue" type="custom:Value" minOccurs="0" maxOccurs="1"/>

element ValueChain/margin
diagram SecurityOverlay_p18.png
namespace https://sabsa.org/the-sabsa-institute
type custom:Value
properties
minOcc 0
maxOcc 1
content complex
attributes
Name  Type  Use  Default  Fixed  Annotation
units  xs:NMTOKEN  required      
currencyCode  xs:NMTOKEN  optional      
source <xs:element name="margin" type="custom:Value" minOccurs="0" maxOccurs="1"/>

simpleType PrincipalType
namespace https://sabsa.org/the-sabsa-institute
type restriction of xs:NMTOKEN
properties
base xs:NMTOKEN
used by
attributes ThreatAgent/@type Principal/@type
facets
Kind Value Annotation
enumeration HUMAN
enumeration ORGANISATIONAL
enumeration TECHNICAL
annotation
documentation
Principals are either human, organisational or technical entities
source <xs:simpleType name="PrincipalType">
 
<xs:annotation>
   
<xs:documentation>Principals are either human, organisational or technical entities</xs:documentation>
 
</xs:annotation>
 
<xs:restriction base="xs:NMTOKEN">
   
<xs:enumeration value="HUMAN"/>
   
<xs:enumeration value="ORGANISATIONAL"/>
   
<xs:enumeration value="TECHNICAL"/>
   
<!-- A Human Actor -->
   
<!-- An Organisation, Division, Department, Team -->
   
<!-- Machine Accounts: Robots, Applications, Servers, Batch Processes -->
 
</xs:restriction>
</xs:simpleType>

complexType Authorisation
diagram SecurityOverlay_p19.png
namespace https://sabsa.org/the-sabsa-institute
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
stereotypeOf  xs:QName      tog:BusinessRole  
recertificationPeriod  xs:duration  required      
recertificationOwner  xs:string  required      
annotation
documentation
Authorisation is the conceptual representation of actions that a Principal is authorised to perform in a Business Role.
source <xs:complexType name="Authorisation">
 
<xs:annotation>
   
<xs:documentation>Authorisation is the conceptual representation of actions that a Principal is authorised to perform in a Business Role.</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:BusinessRole"/>
     
<xs:attribute name="recertificationPeriod" type="xs:duration" use="required"/>
     
<xs:attribute name="recertificationOwner" type="xs:string" use="required"/>
   
</xs:extension>
   
<!-- The required recertification Period -->
   
<!-- Identifies the Person/ Role responsible for recertification -->
 
</xs:complexContent>
</xs:complexType>

attribute Authorisation/@stereotypeOf
type xs:QName
properties
fixed tog:BusinessRole
source <xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:BusinessRole"/>

attribute Authorisation/@recertificationPeriod
type xs:duration
properties
use required
source <xs:attribute name="recertificationPeriod" type="xs:duration" use="required"/>

attribute Authorisation/@recertificationOwner
type xs:string
properties
use required
source <xs:attribute name="recertificationOwner" type="xs:string" use="required"/>

complexType ComplianceObjective
diagram SecurityOverlay_p20.png
namespace https://sabsa.org/the-sabsa-institute
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description tsi:profile
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
stereotypeOf  xs:QName      tog:Goal  
namespace  xs:string  required      
refCode  xs:NMTOKEN  required      
status  custom:ControlStatus    MANDATORY    
applicability  custom:ControlApplicability  optional      
baseline  custom:ControlBaseline  optional      
annotation
documentation
Properties for a Compliance Objective
source <xs:complexType name="ComplianceObjective">
 
<xs:annotation>
   
<xs:documentation>Properties for a Compliance Objective</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:sequence>
       
<xs:element name="profile" type="custom:ProtectionProfile" minOccurs="0" maxOccurs="1"/>
     
</xs:sequence>
     
<xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Goal"/>
     
<xs:attribute name="namespace" type="xs:string" use="required"/>
     
<xs:attribute name="refCode" type="xs:NMTOKEN" use="required"/>
     
<xs:attribute name="status" type="custom:ControlStatus" default="MANDATORY"/>
     
<xs:attribute name="applicability" type="custom:ControlApplicability" use="optional"/>
     
<xs:attribute name="baseline" type="custom:ControlBaseline" use="optional"/>
   
</xs:extension>
   
<!--a namespace indicating the source of the Control Objective -->
   
<!--a reference code that uniquely identifies the Control Objective within the namespace-->
   
<!--the current status of the Control Objective in the control lifecycle-->
   
<!--indicates the scope of applicability of the Control Objective -->
   
<!--indicates the level of the Control Objective in baselining scheme e.g. a maturity model -->
 
</xs:complexContent>
</xs:complexType>

attribute ComplianceObjective/@stereotypeOf
type xs:QName
properties
fixed tog:Goal
source <xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Goal"/>

attribute ComplianceObjective/@namespace
type xs:string
properties
use required
source <xs:attribute name="namespace" type="xs:string" use="required"/>

attribute ComplianceObjective/@refCode
type xs:NMTOKEN
properties
use required
source <xs:attribute name="refCode" type="xs:NMTOKEN" use="required"/>

attribute ComplianceObjective/@status
type custom:ControlStatus
properties
default MANDATORY
facets
Kind Value Annotation
enumeration MANDATORY
enumeration ADVISORY
enumeration WITHDRAWN
enumeration PENDING
source <xs:attribute name="status" type="custom:ControlStatus" default="MANDATORY"/>

attribute ComplianceObjective/@applicability
type custom:ControlApplicability
properties
use optional
facets
Kind Value Annotation
enumeration GLOBAL
enumeration ORGANISATION
enumeration SYSTEM
enumeration COMPONENT
source <xs:attribute name="applicability" type="custom:ControlApplicability" use="optional"/>

attribute ComplianceObjective/@baseline
type custom:ControlBaseline
properties
use optional
facets
Kind Value Annotation
enumeration STANDARD
enumeration ENHANCED
enumeration ASSURED
source <xs:attribute name="baseline" type="custom:ControlBaseline" use="optional"/>

element ComplianceObjective/profile
diagram SecurityOverlay_p21.png
namespace https://sabsa.org/the-sabsa-institute
type custom:ProtectionProfile
properties
minOcc 0
maxOcc 1
content complex
children custom:name custom:description
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
namespace  xs:QName      SABSA  
identify  custom:ControlStrength  required      
deter  custom:ControlStrength  required      
protect  custom:ControlStrength  required      
detect  custom:ControlStrength  required      
respond  custom:ControlStrength  required      
recover  custom:ControlStrength  required      
source <xs:element name="profile" type="custom:ProtectionProfile" minOccurs="0" maxOccurs="1"/>

complexType Control
diagram SecurityOverlay_p22.png
namespace https://sabsa.org/the-sabsa-institute
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
stereotypeOf  xs:QName  required      
namespace  xs:string  optional      
refCode  xs:NMTOKEN  optional      
annotation
documentation
A real-world Control implementation
source <xs:complexType name="Control">
 
<xs:annotation>
   
<xs:documentation>A real-world Control implementation</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:attribute name="stereotypeOf" type="xs:QName" use="required"/>
     
<xs:attribute name="namespace" type="xs:string" use="optional"/>
     
<xs:attribute name="refCode" type="xs:NMTOKEN" use="optional"/>
   
</xs:extension>
   
<!--a Control can be any element from the core layers-->
   
<!--a namespace indicating the source of the Control -->
   
<!--a reference code that uniquely identifies the Control within the namespace-->
 
</xs:complexContent>
</xs:complexType>

attribute Control/@stereotypeOf
type xs:QName
properties
use required
source <xs:attribute name="stereotypeOf" type="xs:QName" use="required"/>

attribute Control/@namespace
type xs:string
properties
use optional
source <xs:attribute name="namespace" type="xs:string" use="optional"/>

attribute Control/@refCode
type xs:NMTOKEN
properties
use optional
source <xs:attribute name="refCode" type="xs:NMTOKEN" use="optional"/>

complexType ControlObjective
diagram SecurityOverlay_p23.png
namespace https://sabsa.org/the-sabsa-institute
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description tsi:profile
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
stereotypeOf  xs:QName      tog:Goal  
namespace  xs:string  optional      
refCode  xs:NMTOKEN  optional      
status  custom:ControlStatus    MANDATORY    
applicability  custom:ControlApplicability  optional      
baseline  custom:ControlBaseline  optional      
annotation
documentation
Properties for a Control Objective
source <xs:complexType name="ControlObjective">
 
<xs:annotation>
   
<xs:documentation>Properties for a Control Objective</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:sequence>
       
<xs:element name="profile" type="custom:ProtectionProfile" minOccurs="0" maxOccurs="1"/>
     
</xs:sequence>
     
<xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Goal"/>
     
<xs:attribute name="namespace" type="xs:string" use="optional"/>
     
<xs:attribute name="refCode" type="xs:NMTOKEN" use="optional"/>
     
<xs:attribute name="status" type="custom:ControlStatus" default="MANDATORY"/>
     
<xs:attribute name="applicability" type="custom:ControlApplicability" use="optional"/>
     
<xs:attribute name="baseline" type="custom:ControlBaseline" use="optional"/>
   
</xs:extension>
   
<!--a namespace indicating the source of the Control Objective -->
   
<!--a reference code that uniquely identifies the Control Objective within the namespace-->
   
<!--the current status of the Control Objective in the control lifecycle-->
   
<!--indicates the scope of applicability of the Control Objective -->
   
<!--indicates the level of the Control Objective in a baselining scheme, e.g. a maturity model -->
 
</xs:complexContent>
</xs:complexType>

attribute ControlObjective/@stereotypeOf
type xs:QName
properties
fixed tog:Goal
source <xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Goal"/>

attribute ControlObjective/@namespace
type xs:string
properties
use optional
source <xs:attribute name="namespace" type="xs:string" use="optional"/>

attribute ControlObjective/@refCode
type xs:NMTOKEN
properties
use optional
source <xs:attribute name="refCode" type="xs:NMTOKEN" use="optional"/>

attribute ControlObjective/@status
type custom:ControlStatus
properties
default MANDATORY
facets
Kind Value Annotation
enumeration MANDATORY
enumeration ADVISORY
enumeration WITHDRAWN
enumeration PENDING
source <xs:attribute name="status" type="custom:ControlStatus" default="MANDATORY"/>

attribute ControlObjective/@applicability
type custom:ControlApplicability
properties
use optional
facets
Kind Value Annotation
enumeration GLOBAL
enumeration ORGANISATION
enumeration SYSTEM
enumeration COMPONENT
source <xs:attribute name="applicability" type="custom:ControlApplicability" use="optional"/>

attribute ControlObjective/@baseline
type custom:ControlBaseline
properties
use optional
facets
Kind Value Annotation
enumeration STANDARD
enumeration ENHANCED
enumeration ASSURED
source <xs:attribute name="baseline" type="custom:ControlBaseline" use="optional"/>

element ControlObjective/profile
diagram SecurityOverlay_p24.png
namespace https://sabsa.org/the-sabsa-institute
type custom:ProtectionProfile
properties
minOcc 0
maxOcc 1
content complex
children custom:name custom:description
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
namespace  xs:QName      SABSA  
identify  custom:ControlStrength  required      
deter  custom:ControlStrength  required      
protect  custom:ControlStrength  required      
detect  custom:ControlStrength  required      
respond  custom:ControlStrength  required      
recover  custom:ControlStrength  required      
source <xs:element name="profile" type="custom:ProtectionProfile" minOccurs="0" maxOccurs="1"/>

complexType Credential
diagram SecurityOverlay_p25.png
namespace https://sabsa.org/the-sabsa-institute
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
stereotypeOf  xs:QName      tog:DataObject  
type  custom:CredentialType  required      
authenticationAssurance  custom:ControlBaseline    STANDARD    
validityPeriod  xs:duration  required      
annotation
documentation
A stereotype of data, used to authenticate a Principal to a system
source <xs:complexType name="Credential">
 
<xs:annotation>
   
<xs:documentation>A stereotype of data, used to authenticate a Principal to a system</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:DataObject"/>
     
<xs:attribute name="type" type="custom:CredentialType" use="required"/>
     
<xs:attribute name="authenticationAssurance" type="custom:ControlBaseline" default="STANDARD"/>
     
<xs:attribute name="validityPeriod" type="xs:duration" use="required"/>
   
</xs:extension>
   
<!-- The Credential Type Period -->
   
<!-- Identifies the Person/ Role responsible for recertification -->
   
<!-- Expresses the expiry period / time-to-live of the credential -->
 
</xs:complexContent>
</xs:complexType>

attribute Credential/@stereotypeOf
type xs:QName
properties
fixed tog:DataObject
source <xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:DataObject"/>

attribute Credential/@type
type custom:CredentialType
properties
use required
facets
Kind Value Annotation
enumeration PIN
enumeration PASSWORD
enumeration SOFTTOKEN
enumeration INTERNET-APP
enumeration BIOMETRIC
enumeration HARDTOKEN
source <xs:attribute name="type" type="custom:CredentialType" use="required"/>

attribute Credential/@authenticationAssurance
type custom:ControlBaseline
properties
default STANDARD
facets
Kind Value Annotation
enumeration STANDARD
enumeration ENHANCED
enumeration ASSURED
source <xs:attribute name="authenticationAssurance" type="custom:ControlBaseline" default="STANDARD"/>

attribute Credential/@validityPeriod
type xs:duration
properties
use required
source <xs:attribute name="validityPeriod" type="xs:duration" use="required"/>

complexType Defect
diagram SecurityOverlay_p26.png
namespace https://sabsa.org/the-sabsa-institute
type extension of tsi:Vulnerability
properties
base tsi:Vulnerability
children tog:name tog:description tsi:vulnerabilityRating tsi:vulnerabilityDistribution
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
stereotypeOf  xs:QName      tog:Assessment  
sourceURL  xs:anyURI  required      
refCode  xs:NMTOKEN  required      
publisher  xs:NMTOKEN  optional      
releaseDate  xs:date  optional      
vector  xs:NMTOKEN  optional      
attackComplexity  custom:QualitativeScale  optional      
priviegeRequired  custom:QualitativeScale  optional      
userInteractionRequired  xs:boolean  optional      
confidentialityImpact  custom:QualitativeScale  optional      
integrityImpact  custom:QualitativeScale  optional      
availabilityImpact  custom:QualitativeScale  optional      
patchavailable  xs:date  optional      
annotation
documentation
Extends Vulnerability for known flaws published as CVE or discovered internally.
source <xs:complexType name="Defect">
 
<xs:annotation>
   
<xs:documentation>Extends Vulnerability for known flaws published as CVE or discovered internally. </xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tsi:Vulnerability">
     
<xs:attribute name="sourceURL" type="xs:anyURI" use="required"/>
     
<xs:attribute name="refCode" type="xs:NMTOKEN" use="required"/>
     
<xs:attributeGroup ref="tsi:cveAttributes"/>
   
</xs:extension>
   
<!-- A URL to locate the source document -->
   
<!--a reference code that uniquely identifies the Defect-->
 
</xs:complexContent>
</xs:complexType>

attribute Defect/@sourceURL
type xs:anyURI
properties
use required
source <xs:attribute name="sourceURL" type="xs:anyURI" use="required"/>

attribute Defect/@refCode
type xs:NMTOKEN
properties
use required
source <xs:attribute name="refCode" type="xs:NMTOKEN" use="required"/>

complexType EmbeddedMetric
diagram SecurityOverlay_p27.png
namespace https://sabsa.org/the-sabsa-institute
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description
used by
element SABSAAttribute/metric
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
MetricType  tsi:MetricType  required      
annotation
documentation
Models a metric as a property of a SABSA Attribute
source <xs:complexType name="EmbeddedMetric">
 
<xs:annotation>
   
<xs:documentation>Models a metric as a property of a SABSA Attribute</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:attribute name="MetricType" type="tsi:MetricType" use="required"/>
   
</xs:extension>
 
</xs:complexContent>
</xs:complexType>

attribute EmbeddedMetric/@MetricType
type tsi:MetricType
properties
use required
facets
Kind Value Annotation
enumeration SOFT
enumeration HARD
source <xs:attribute name="MetricType" type="tsi:MetricType" use="required"/>

complexType Exception
diagram SecurityOverlay_p28.png
namespace https://sabsa.org/the-sabsa-institute
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
stereotypeOf  xs:QName      tog:Requirement  
namespace  xs:string  optional      
refCode  xs:NMTOKEN  optional      
annotation
documentation
An Exception to a Requirement or Constraint
source <xs:complexType name="Exception">
 
<xs:annotation>
   
<xs:documentation>An Exception to a Requirement or Constraint</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Requirement"/>
     
<xs:attribute name="namespace" type="xs:string" use="optional"/>
     
<xs:attribute name="refCode" type="xs:NMTOKEN" use="optional"/>
   
</xs:extension>
   
<!--a namespace indicating the source of the exception -->
   
<!--a reference code that uniquely identifies the exception within the namespace-->
 
</xs:complexContent>
</xs:complexType>

attribute Exception/@stereotypeOf
type xs:QName
properties
fixed tog:Requirement
source <xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Requirement"/>

attribute Exception/@namespace
type xs:string
properties
use optional
source <xs:attribute name="namespace" type="xs:string" use="optional"/>

attribute Exception/@refCode
type xs:NMTOKEN
properties
use optional
source <xs:attribute name="refCode" type="xs:NMTOKEN" use="optional"/>

complexType Impact
diagram SecurityOverlay_p29.png
namespace https://sabsa.org/the-sabsa-institute
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description tsi:impactRating tsi:lossDistribution
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
stereotypeOf  xs:QName      tog:Assessment  
currencyUnits  xs:NMTOKEN  optional      
currencyCode  xs:NMTOKEN  optional      
annotation
documentation
Provides a base type for modelling Loss Magnitude - either qualitatively or quantitatively
source <xs:complexType name="Impact">
 
<xs:annotation>
   
<xs:documentation>Provides a base type for modelling Loss Magnitude - either qualitatively or quantitatively</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:sequence>
       
<xs:choice minOccurs="1" maxOccurs="1">
         
<xs:element name="impactRating" type="custom:QualitativeScale"/>
         
<xs:element name="lossDistribution" type="custom:ProbabilityDist"/>
       
</xs:choice>
     
</xs:sequence>
     
<xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Assessment"/>
     
<xs:attribute name="currencyUnits" type="xs:NMTOKEN" use="optional"/>
     
<xs:attribute name="currencyCode" type="xs:NMTOKEN" use="optional"/>
   
</xs:extension>
   
<!-- Currency units e.g. 1, 1000, 1000000 to be applied to the loss distribution-->
   
<!-- Currency code as defined in ISO 4217-->
 
</xs:complexContent>
</xs:complexType>

attribute Impact/@stereotypeOf
type xs:QName
properties
fixed tog:Assessment
source <xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Assessment"/>

attribute Impact/@currencyUnits
type xs:NMTOKEN
properties
use optional
source <xs:attribute name="currencyUnits" type="xs:NMTOKEN" use="optional"/>

attribute Impact/@currencyCode
type xs:NMTOKEN
properties
use optional
source <xs:attribute name="currencyCode" type="xs:NMTOKEN" use="optional"/>

element Impact/impactRating
diagram SecurityOverlay_p30.png
namespace https://sabsa.org/the-sabsa-institute
type custom:QualitativeScale
properties
content simple
facets
Kind Value Annotation
enumeration NA
enumeration UNCLASSIFIED
enumeration VLOW
enumeration LOW
enumeration MODERATE
enumeration HIGH
enumeration VHIGH
source <xs:element name="impactRating" type="custom:QualitativeScale"/>

element Impact/lossDistribution
diagram SecurityOverlay_p31.png
namespace https://sabsa.org/the-sabsa-institute
type custom:ProbabilityDist
properties
content complex
children custom:low custom:mode custom:high
source <xs:element name="lossDistribution" type="custom:ProbabilityDist"/>

complexType Metric
diagram SecurityOverlay_p32.png
namespace https://sabsa.org/the-sabsa-institute
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
stereotypeOf  xs:QName      tog:Meaning  
MetricType  tsi:MetricType  required      
annotation
documentation
Models a metric as a Meaning element, external to a SABSA Attribute
source <xs:complexType name="Metric">
 
<xs:annotation>
   
<xs:documentation>Models a metric as a Meaning element, external to a SABSA Attribute</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Meaning"/>
     
<xs:attribute name="MetricType" type="tsi:MetricType" use="required"/>
   
</xs:extension>
 
</xs:complexContent>
</xs:complexType>

attribute Metric/@stereotypeOf
type xs:QName
properties
fixed tog:Meaning
source <xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Meaning"/>

attribute Metric/@MetricType
type tsi:MetricType
properties
use required
facets
Kind Value Annotation
enumeration SOFT
enumeration HARD
source <xs:attribute name="MetricType" type="tsi:MetricType" use="required"/>

complexType Risk
diagram SecurityOverlay_p33.png
namespace https://sabsa.org/the-sabsa-institute
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description tsi:aleRating tsi:annualLossExpectancy
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
stereotypeOf  xs:QName      tog:Assessment  
currencyUnits  xs:NMTOKEN  optional      
currencyCode  xs:NMTOKEN  optional      
annotation
documentation
Provides a base type for modelling risk - either qualitatively or quantitatively
source <xs:complexType name="Risk">
 
<xs:annotation>
   
<xs:documentation>Provides a base type for modelling risk - either qualitatively or quantitatively</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:sequence>
       
<xs:choice minOccurs="1" maxOccurs="1">
         
<xs:element name="aleRating" type="custom:QualitativeScale"/>
         
<xs:element name="annualLossExpectancy" type="custom:ProbabilityDist"/>
       
</xs:choice>
     
</xs:sequence>
     
<xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Assessment"/>
     
<xs:attribute name="currencyUnits" type="xs:NMTOKEN" use="optional"/>
     
<xs:attribute name="currencyCode" type="xs:NMTOKEN" use="optional"/>
   
</xs:extension>
   
<!-- Currency units e.g 1, 1000, 1000000 to be applied to the ALE distribution-->
   
<!-- Currency code as defined in ISO 4217-->
 
</xs:complexContent>
</xs:complexType>

attribute Risk/@stereotypeOf
type xs:QName
properties
fixed tog:Assessment
source <xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Assessment"/>

attribute Risk/@currencyUnits
type xs:NMTOKEN
properties
use optional
source <xs:attribute name="currencyUnits" type="xs:NMTOKEN" use="optional"/>

attribute Risk/@currencyCode
type xs:NMTOKEN
properties
use optional
source <xs:attribute name="currencyCode" type="xs:NMTOKEN" use="optional"/>

element Risk/aleRating
diagram SecurityOverlay_p34.png
namespace https://sabsa.org/the-sabsa-institute
type custom:QualitativeScale
properties
content simple
facets
Kind Value Annotation
enumeration NA
enumeration UNCLASSIFIED
enumeration VLOW
enumeration LOW
enumeration MODERATE
enumeration HIGH
enumeration VHIGH
source <xs:element name="aleRating" type="custom:QualitativeScale"/>

element Risk/annualLossExpectancy
diagram SecurityOverlay_p35.png
namespace https://sabsa.org/the-sabsa-institute
type custom:ProbabilityDist
properties
content complex
children custom:low custom:mode custom:high
source <xs:element name="annualLossExpectancy" type="custom:ProbabilityDist"/>

complexType SABSAAttribute
diagram SecurityOverlay_p36.png
namespace https://sabsa.org/the-sabsa-institute
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description tsi:metric
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
namespace  xs:QName      SABSA  
stereotypeOf  xs:QName      tog:Principle  
domain  tsi:AttributeDomain  required      
annotation
documentation
Models a SABSA Attribute
source <xs:complexType name="SABSAAttribute">
 
<xs:annotation>
   
<xs:documentation>Models a SABSA Attribute</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:sequence>
       
<xs:element name="metric" type="tsi:EmbeddedMetric" minOccurs="1" maxOccurs="unbounded"/>
     
</xs:sequence>
     
<xs:attribute name="namespace" type="xs:QName" fixed="SABSA"/>
     
<xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Principle"/>
     
<xs:attribute name="domain" type="tsi:AttributeDomain" use="required"/>
   
</xs:extension>
 
</xs:complexContent>
</xs:complexType>

attribute SABSAAttribute/@namespace
type xs:QName
properties
fixed SABSA
source <xs:attribute name="namespace" type="xs:QName" fixed="SABSA"/>

attribute SABSAAttribute/@stereotypeOf
type xs:QName
properties
fixed tog:Principle
source <xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Principle"/>

attribute SABSAAttribute/@domain
type tsi:AttributeDomain
properties
use required
facets
Kind Value Annotation
enumeration DataAttribute
enumeration UserAttribute
enumeration ManagementAttribute
enumeration OperationalAttribute
enumeration RiskAttribute
enumeration LegalAttribute
enumeration TechnicalAttribute
enumeration StrategicAttribute
source <xs:attribute name="domain" type="tsi:AttributeDomain" use="required"/>

element SABSAAttribute/metric
diagram SecurityOverlay_p37.png
namespace https://sabsa.org/the-sabsa-institute
type tsi:EmbeddedMetric
properties
minOcc 1
maxOcc unbounded
content complex
children tog:name tog:description
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
MetricType  tsi:MetricType  required      
source <xs:element name="metric" type="tsi:EmbeddedMetric" minOccurs="1" maxOccurs="unbounded"/>

complexType SecurityDomain
diagram SecurityOverlay_p38.png
namespace https://sabsa.org/the-sabsa-institute
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
stereotypeOf  xs:QName      tog:Grouping  
isSecurityDomain  xs:boolean      true  
annotation
documentation
A Conceptual Security Domain
source <xs:complexType name="SecurityDomain">
 
<xs:annotation>
   
<xs:documentation>A Conceptual Security Domain</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Grouping"/>
     
<xs:attribute name="isSecurityDomain" type="xs:boolean" fixed="true"/>
   
</xs:extension>
 
</xs:complexContent>
</xs:complexType>

attribute SecurityDomain/@stereotypeOf
type xs:QName
properties
fixed tog:Grouping
source <xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Grouping"/>

attribute SecurityDomain/@isSecurityDomain
type xs:boolean
properties
fixed true
source <xs:attribute name="isSecurityDomain" type="xs:boolean" fixed="true"/>

complexType SecurityEvent
diagram SecurityOverlay_p39.png
namespace https://sabsa.org/the-sabsa-institute
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
stereotypeOf  xs:QName      tog:AnyEvent  
security  xs:boolean      true  
criticality  custom:QualitativeScale  required      
annotation
documentation
A Conceptual Security Event
source <xs:complexType name="SecurityEvent">
 
<xs:annotation>
   
<xs:documentation>A Conceptual Security Event</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:AnyEvent"/>
     
<xs:attribute name="security" type="xs:boolean" fixed="true"/>
     
<xs:attribute name="criticality" type="custom:QualitativeScale" use="required"/>
   
</xs:extension>
 
</xs:complexContent>
</xs:complexType>

attribute SecurityEvent/@stereotypeOf
type xs:QName
properties
fixed tog:AnyEvent
source <xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:AnyEvent"/>

attribute SecurityEvent/@security
type xs:boolean
properties
fixed true
source <xs:attribute name="security" type="xs:boolean" fixed="true"/>

attribute SecurityEvent/@criticality
type custom:QualitativeScale
properties
use required
facets
Kind Value Annotation
enumeration NA
enumeration UNCLASSIFIED
enumeration VLOW
enumeration LOW
enumeration MODERATE
enumeration HIGH
enumeration VHIGH
source <xs:attribute name="criticality" type="custom:QualitativeScale" use="required"/>

complexType Threat
diagram SecurityOverlay_p40.png
namespace https://sabsa.org/the-sabsa-institute
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description tsi:ThreatRating tsi:ThreatEventDistribution
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
stereotypeOf  xs:QName      tog:Assessment  
annotation
documentation
Provides a base type for modelling Threat - either qualitatively or quantitatively
source <xs:complexType name="Threat">
 
<xs:annotation>
   
<xs:documentation>Provides a base type for modelling Threat - either qualitatively or quantitatively</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:sequence>
       
<xs:choice minOccurs="1" maxOccurs="1">
         
<xs:element name="ThreatRating" type="custom:QualitativeScale"/>
         
<xs:element name="ThreatEventDistribution" type="custom:ProbabilityDist"/>
       
</xs:choice>
     
</xs:sequence>
     
<xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Assessment"/>
   
</xs:extension>
 
</xs:complexContent>
</xs:complexType>

attribute Threat/@stereotypeOf
type xs:QName
properties
fixed tog:Assessment
source <xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Assessment"/>

element Threat/ThreatRating
diagram SecurityOverlay_p41.png
namespace https://sabsa.org/the-sabsa-institute
type custom:QualitativeScale
properties
content simple
facets
Kind Value Annotation
enumeration NA
enumeration UNCLASSIFIED
enumeration VLOW
enumeration LOW
enumeration MODERATE
enumeration HIGH
enumeration VHIGH
source <xs:element name="ThreatRating" type="custom:QualitativeScale"/>

element Threat/ThreatEventDistribution
diagram SecurityOverlay_p42.png
namespace https://sabsa.org/the-sabsa-institute
type custom:ProbabilityDist
properties
content complex
children custom:low custom:mode custom:high
source <xs:element name="ThreatEventDistribution" type="custom:ProbabilityDist"/>

complexType Trust
diagram SecurityOverlay_p43.png
namespace https://sabsa.org/the-sabsa-institute
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
stereotypeOf  xs:QName      tog:Principle  
namespace  xs:string  optional      
refCode  xs:NMTOKEN  optional      
annotation
documentation
Describes the Trust implicit in an interaction
source <xs:complexType name="Trust">
 
<xs:annotation>
   
<xs:documentation>Describes the Trust implicit in an interaction</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Principle"/>
     
<xs:attribute name="namespace" type="xs:string" use="optional"/>
     
<xs:attribute name="refCode" type="xs:NMTOKEN" use="optional"/>
   
</xs:extension>
   
<!--a namespace indicating the source of the Trust element -->
   
<!--a reference code that uniquely identifies the Trust element within the namespace-->
 
</xs:complexContent>
</xs:complexType>

attribute Trust/@stereotypeOf
type xs:QName
properties
fixed tog:Principle
source <xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Principle"/>

attribute Trust/@namespace
type xs:string
properties
use optional
source <xs:attribute name="namespace" type="xs:string" use="optional"/>

attribute Trust/@refCode
type xs:NMTOKEN
properties
use optional
source <xs:attribute name="refCode" type="xs:NMTOKEN" use="optional"/>

complexType Vulnerability
diagram SecurityOverlay_p44.png
namespace https://sabsa.org/the-sabsa-institute
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description tsi:vulnerabilityRating tsi:vulnerabilityDistribution
used by
complexType Defect
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
stereotypeOf  xs:QName      tog:Assessment  
annotation
documentation
Provides a base type for modelling Vulnerability - either qualitatively or quantitatively
source <xs:complexType name="Vulnerability">
 
<xs:annotation>
   
<xs:documentation>Provides a base type for modelling Vulnerability - either qualitatively or quantitatively</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:sequence>
       
<xs:choice minOccurs="1" maxOccurs="1">
         
<xs:element name="vulnerabilityRating" type="custom:QualitativeScale"/>
         
<xs:element name="vulnerabilityDistribution" type="custom:ProbabilityDist"/>
       
</xs:choice>
     
</xs:sequence>
     
<xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Assessment"/>
   
</xs:extension>
 
</xs:complexContent>
</xs:complexType>

attribute Vulnerability/@stereotypeOf
type xs:QName
properties
fixed tog:Assessment
source <xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Assessment"/>

element Vulnerability/vulnerabilityRating
diagram SecurityOverlay_p45.png
namespace https://sabsa.org/the-sabsa-institute
type custom:QualitativeScale
properties
content simple
facets
Kind Value Annotation
enumeration NA
enumeration UNCLASSIFIED
enumeration VLOW
enumeration LOW
enumeration MODERATE
enumeration HIGH
enumeration VHIGH
source <xs:element name="vulnerabilityRating" type="custom:QualitativeScale"/>

element Vulnerability/vulnerabilityDistribution
diagram SecurityOverlay_p46.png
namespace https://sabsa.org/the-sabsa-institute
type custom:ProbabilityDist
properties
content complex
children custom:low custom:mode custom:high
source <xs:element name="vulnerabilityDistribution" type="custom:ProbabilityDist"/>

simpleType AttributeDomain
namespace https://sabsa.org/the-sabsa-institute
type restriction of xs:NMTOKEN
properties
base xs:NMTOKEN
used by
attribute SABSAAttribute/@domain
facets
Kind Value Annotation
enumeration DataAttribute
enumeration UserAttribute
enumeration ManagementAttribute
enumeration OperationalAttribute
enumeration RiskAttribute
enumeration LegalAttribute
enumeration TechnicalAttribute
enumeration StrategicAttribute
annotation
documentation
The SABSA Attribute Taxonomy identifies several domains.
source <xs:simpleType name="AttributeDomain">
 
<xs:annotation>
   
<xs:documentation>The SABSA Attribute Taxonomy identifies several domains.</xs:documentation>
 
</xs:annotation>
 
<xs:restriction base="xs:NMTOKEN">
   
<xs:enumeration value="DataAttribute"/>
   
<xs:enumeration value="UserAttribute"/>
   
<xs:enumeration value="ManagementAttribute"/>
   
<xs:enumeration value="OperationalAttribute"/>
   
<xs:enumeration value="RiskAttribute"/>
   
<xs:enumeration value="LegalAttribute"/>
   
<xs:enumeration value="TechnicalAttribute"/>
   
<xs:enumeration value="StrategicAttribute"/>
   
<!-- Data Attributes -->
   
<!-- User Attributes -->
   
<!-- Management Attributes -->
   
<!-- Operational Attributes -->
   
<!-- Risk Management Attributes -->
   
<!-- Legal & regulatory Attributes -->
   
<!-- Technical Strategy Attributes -->
   
<!-- Business Strategy Attributes -->
 
</xs:restriction>
</xs:simpleType>

simpleType MetricType
namespace https://sabsa.org/the-sabsa-institute
type restriction of xs:NMTOKEN
properties
base xs:NMTOKEN
used by
attributes EmbeddedMetric/@MetricType Metric/@MetricType
facets
Kind Value Annotation
enumeration SOFT
enumeration HARD
annotation
documentation
Metrics are classified as being SOFT (Qualitative) or HARD (Quantitative)
source <xs:simpleType name="MetricType">
 
<xs:annotation>
   
<xs:documentation>Metrics are classified as being SOFT (Qualitative) or HARD (Quantitative)</xs:documentation>
 
</xs:annotation>
 
<xs:restriction base="xs:NMTOKEN">
   
<xs:enumeration value="SOFT"/>
   
<xs:enumeration value="HARD"/>
   
<!-- SOFT Metric -->
   
<!-- HARD Metric -->
 
</xs:restriction>
</xs:simpleType>

attributeGroup cveAttributes
namespace https://sabsa.org/the-sabsa-institute
used by
complexType Defect
attributes
Name  Type  Use  Default  Fixed  Annotation
publisher  xs:NMTOKEN  optional      
releaseDate  xs:date  optional      
vector  xs:NMTOKEN  optional      
attackComplexity  custom:QualitativeScale  optional      
priviegeRequired  custom:QualitativeScale  optional      
userInteractionRequired  xs:boolean  optional      
confidentialityImpact  custom:QualitativeScale  optional      
integrityImpact  custom:QualitativeScale  optional      
availabilityImpact  custom:QualitativeScale  optional      
patchavailable  xs:date  optional      
source <xs:attributeGroup name="cveAttributes">
<!-- Optional attributes describing a published vulnerability record; the listing shows this group is used by complexType Defect. -->
<!-- Every attribute is optional, so an absent value means "not recorded". Consumers should not read a missing impact attribute as NA, which is a separate, explicit value of custom:QualitativeScale. -->
<!-- NOTE(review): the scored attributes resemble CVSS base metrics but are typed custom:QualitativeScale (NA, UNCLASSIFIED, VLOW, LOW, MODERATE, HIGH, VHIGH), so a mapping from advisory or scanner values has to be agreed before import; confirm the intended mapping. -->
 
<xs:attribute name="publisher" type="xs:NMTOKEN" use="optional"/>
 
<xs:attribute name="releaseDate" type="xs:date" use="optional"/>
 
<!-- NOTE(review): xs:NMTOKEN does not admit '/', so a full CVSS vector string would not validate here; presumably this holds a single attack-vector token. Confirm against Defect instances. -->
<xs:attribute name="vector" type="xs:NMTOKEN" use="optional"/>
 
<xs:attribute name="attackComplexity" type="custom:QualitativeScale" use="optional"/>
 
<!-- NOTE(review): the name is spelled "priviegeRequired" (not "privilegeRequired"); instance documents must use this exact spelling to validate, and renaming it would break existing instances. -->
<xs:attribute name="priviegeRequired" type="custom:QualitativeScale" use="optional"/>
 
<xs:attribute name="userInteractionRequired" type="xs:boolean" use="optional"/>
 
<xs:attribute name="confidentialityImpact" type="custom:QualitativeScale" use="optional"/>
 
<xs:attribute name="integrityImpact" type="custom:QualitativeScale" use="optional"/>
 
<xs:attribute name="availabilityImpact" type="custom:QualitativeScale" use="optional"/>
 
<!-- patchavailable is typed xs:date, not a flag; presumably the date on which a patch became available (TODO confirm). -->
<xs:attribute name="patchavailable" type="xs:date" use="optional"/>
</xs:attributeGroup>

attribute cveAttributes/@publisher
type xs:NMTOKEN
properties
use optional
source <xs:attribute name="publisher" type="xs:NMTOKEN" use="optional"/>

attribute cveAttributes/@releaseDate
type xs:date
properties
use optional
source <xs:attribute name="releaseDate" type="xs:date" use="optional"/>

attribute cveAttributes/@vector
type xs:NMTOKEN
properties
use optional
source <xs:attribute name="vector" type="xs:NMTOKEN" use="optional"/>

attribute cveAttributes/@attackComplexity
type custom:QualitativeScale
properties
use optional
facets
Kind Value Annotation
enumeration NA
enumeration UNCLASSIFIED
enumeration VLOW
enumeration LOW
enumeration MODERATE
enumeration HIGH
enumeration VHIGH
source <xs:attribute name="attackComplexity" type="custom:QualitativeScale" use="optional"/>

attribute cveAttributes/@priviegeRequired
type custom:QualitativeScale
properties
use optional
facets
Kind Value Annotation
enumeration NA
enumeration UNCLASSIFIED
enumeration VLOW
enumeration LOW
enumeration MODERATE
enumeration HIGH
enumeration VHIGH
source <xs:attribute name="priviegeRequired" type="custom:QualitativeScale" use="optional"/>

attribute cveAttributes/@userInteractionRequired
type xs:boolean
properties
use optional
source <xs:attribute name="userInteractionRequired" type="xs:boolean" use="optional"/>

attribute cveAttributes/@confidentialityImpact
type custom:QualitativeScale
properties
use optional
facets
Kind Value Annotation
enumeration NA
enumeration UNCLASSIFIED
enumeration VLOW
enumeration LOW
enumeration MODERATE
enumeration HIGH
enumeration VHIGH
source <xs:attribute name="confidentialityImpact" type="custom:QualitativeScale" use="optional"/>

attribute cveAttributes/@integrityImpact
type custom:QualitativeScale
properties
use optional
facets
Kind Value Annotation
enumeration NA
enumeration UNCLASSIFIED
enumeration VLOW
enumeration LOW
enumeration MODERATE
enumeration HIGH
enumeration VHIGH
source <xs:attribute name="integrityImpact" type="custom:QualitativeScale" use="optional"/>

attribute cveAttributes/@availabilityImpact
type custom:QualitativeScale
properties
use optional
facets
Kind Value Annotation
enumeration NA
enumeration UNCLASSIFIED
enumeration VLOW
enumeration LOW
enumeration MODERATE
enumeration HIGH
enumeration VHIGH
source <xs:attribute name="availabilityImpact" type="custom:QualitativeScale" use="optional"/>

attribute cveAttributes/@patchavailable
type xs:date
properties
use optional
source <xs:attribute name="patchavailable" type="xs:date" use="optional"/>

attributeGroup RiskAttributes
namespace https://sabsa.org/the-sabsa-institute
attributes
Name  Type  Use  Default  Fixed  Annotation
stereotypeOf  xs:QName      tog:Assessment  
source <xs:attributeGroup name="RiskAttributes">
 
<xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Assessment"/>
</xs:attributeGroup>

attribute RiskAttributes/@stereotypeOf
type xs:QName
properties
fixed tog:Assessment
source <xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Assessment"/>

complexType Account
diagram SecurityOverlay_p47.png
namespace https://sabsa.org/the-sabsa-institute
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
stereotypeOf  xs:QName      tog:BusinessActor  
type  tsi:AccountType    NOMINAL    
policy  xs:string  optional      
source <xs:complexType name="Account">
<!-- An account, modelled as an extension of tog:BaseElement with a fixed stereotype of tog:BusinessActor. -->
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:BusinessActor"/>
     
<!-- type defaults to NOMINAL, so an Account with no type attribute is recorded as an individual named account; shared (FUNCTIONAL) and machine (TECHNICAL) accounts must be marked explicitly. -->
<xs:attribute name="type" type="tsi:AccountType" default="NOMINAL"/>
     
<!-- NOTE(review): policy is described below as a URL but is typed xs:string, so a validator accepts any text; xs:anyURI would be the closer fit. Confirm before tooling dereferences the value. -->
<xs:attribute name="policy" type="xs:string" use="optional"/>
   
</xs:extension>
   
<!-- The type indicates whether the account is intended for use by human individuals (NOMINAL), shared among a team (FUNCTIONAL), used by machines (TECHNICAL) or loaned temporarily (DISPOSABLE, as enumerated by tsi:AccountType) -->
   
<!-- policy identifies a policy URL that defines account namespaces, naming conventions, the assignment or right to claim a particular account name -->
 
</xs:complexContent>
</xs:complexType>

attribute Account/@stereotypeOf
type xs:QName
properties
fixed tog:BusinessActor
source <xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:BusinessActor"/>

attribute Account/@type
type tsi:AccountType
properties
default NOMINAL
facets
Kind Value Annotation
enumeration NOMINAL
enumeration FUNCTIONAL
enumeration TECHNICAL
enumeration DISPOSABLE
source <xs:attribute name="type" type="tsi:AccountType" default="NOMINAL"/>

attribute Account/@policy
type xs:string
properties
use optional
source <xs:attribute name="policy" type="xs:string" use="optional"/>

complexType Malware
diagram SecurityOverlay_p48.png
namespace https://sabsa.org/the-sabsa-institute
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
type  custom:MalwareType  optional      
annotation
documentation
Security properties of Malicious Code
source <xs:complexType name="Malware">
 
<xs:annotation>
   
<xs:documentation>Security properties of Malicious Code</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:attribute name="type" type="custom:MalwareType" use="optional"/>
   
</xs:extension>
   
<!-- An open vocabulary of Malware types - modelled on STIX -->
 
</xs:complexContent>
</xs:complexType>

attribute Malware/@type
type custom:MalwareType
properties
use optional
facets
Kind Value Annotation
enumeration ADWARE
enumeration BACKDOOR
enumeration BOT
enumeration BOOTKIT
enumeration DDOS
enumeration DOWNLOADER
enumeration DROPPER
enumeration EXPLOIT-KIT
enumeration KEYLOGGER
enumeration RANSOMWARE
enumeration REMOTE-ACCESS-TROJAN
enumeration RESOURCE-EXPLOITATION
enumeration ROGUE-SECURITY-SOFTWARE
enumeration ROOTKIT
enumeration SCREEN-CAPTURE
enumeration SPYWARE
enumeration TROJAN
enumeration UNKNOWN
enumeration VIRUS
enumeration WEBSHELL
enumeration WIPER
enumeration WORM
source <xs:attribute name="type" type="custom:MalwareType" use="optional"/>

simpleType AccountType
namespace https://sabsa.org/the-sabsa-institute
type restriction of xs:NMTOKEN
properties
base xs:NMTOKEN
used by
attribute Account/@type
facets
Kind Value Annotation
enumeration NOMINAL
enumeration FUNCTIONAL
enumeration TECHNICAL
enumeration DISPOSABLE
annotation
documentation
Broad classification of different types of Account
source <xs:simpleType name="AccountType">
 
<xs:annotation>
   
<xs:documentation>Broad classification of different types of Account</xs:documentation>
 
</xs:annotation>
 
<xs:restriction base="xs:NMTOKEN">
   
<xs:enumeration value="NOMINAL"/>
   
<xs:enumeration value="FUNCTIONAL"/>
   
<xs:enumeration value="TECHNICAL"/>
   
<xs:enumeration value="DISPOSABLE"/>
   
<!-- An individual named account for a person -->
   
<!-- An account shared by members of a group with a common function e.g. ADMIN, ROOT -->
   
<!-- An account used by a machine actor: an application, process, robot etc. -->
   
<!-- A temporary disposable account loaned to a guest, a trainee, for test purposes etc. -->
 
</xs:restriction>
</xs:simpleType>

complexType Data
diagram SecurityOverlay_p49.png
namespace https://sabsa.org/the-sabsa-institute
type extension of tog:DataObject
properties
base tog:DataObject
children tog:name tog:description
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
anonymisation  custom:AnonymityProtection    NONE    
encryption  custom:ConfidentialityProtection    NONE    
integrity  custom:TamperProtection    NONE    
authenticity  custom:OriginAssurance    NONE    
stereotypeOf  xs:QName      tog:Artifact  
type  custom:DataType    FILE    
annotation
documentation
Security properties of an Executable Artefact
source <xs:complexType name="Data">
<!-- A data object, modelled as an extension of tog:DataObject with a fixed stereotype of tog:Artifact and a DataType that defaults to FILE. -->
<!-- NOTE(review): the documentation text below says "Executable Artefact", the same wording as complexType Executable; it looks like a copy-paste and presumably should describe Data. Confirm with the schema owner. -->
<!-- NOTE(review): the attribute listing for this type also shows anonymisation, encryption, integrity and authenticity, each defaulting to NONE; they are not declared here and are presumably inherited from tog:DataObject. With those defaults, an instance that omits them is recorded as unprotected, which cannot be told apart from "not yet assessed". -->
 
<xs:annotation>
   
<xs:documentation>Security properties of an Executable Artefact</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:DataObject">
     
<xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Artifact"/>
     
<!-- custom:DataType enumerates UNDEFINED, FILE, DB_RECORD, DB_FIELD and DB_TABLE according to the facet listing. -->
<xs:attribute name="type" type="custom:DataType" default="FILE"/>
   
</xs:extension>
 
</xs:complexContent>
</xs:complexType>

attribute Data/@stereotypeOf
type xs:QName
properties
fixed tog:Artifact
source <xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Artifact"/>

attribute Data/@type
type custom:DataType
properties
default FILE
facets
Kind Value Annotation
enumeration UNDEFINED
enumeration FILE
enumeration DB_RECORD
enumeration DB_FIELD
enumeration DB_TABLE
source <xs:attribute name="type" type="custom:DataType" default="FILE"/>

complexType Executable
diagram SecurityOverlay_p50.png
namespace https://sabsa.org/the-sabsa-institute
type extension of tog:SystemSoftware
properties
base tog:SystemSoftware
children tog:name tog:description tog:authenticityCheck
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
provider  xs:string  required      
providerURI  xs:anyURI  optional      
acquisitionModel  custom:AcquisitionType    COTS    
thisVersion  xs:string  required      
latestVersion  xs:string  required      
patchStatus  custom:PatchStatusType    UNKNOWN    
lastPatched  xs:date  optional      
stereotypeOf  xs:QName      tog:Artifact  
annotation
documentation
Security properties of an Executable Artefact
source <xs:complexType name="Executable">
 
<xs:annotation>
   
<xs:documentation>Security properties of an Executable Artefact</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:SystemSoftware">
     
<xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Artifact"/>
   
</xs:extension>
 
</xs:complexContent>
</xs:complexType>

attribute Executable/@stereotypeOf
type xs:QName
properties
fixed tog:Artifact
source <xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Artifact"/>

complexType TechnologyFunction
diagram SecurityOverlay_p51.png
namespace https://sabsa.org/the-sabsa-institute
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description tsi:executionFrequency tsi:executionPeriod
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
criticality  custom:QualitativeScale    UNCLASSIFIED    
privilege  custom:ApplicationRoleType  required      
piiLegalBasis  custom:PIILegalBasis  optional      
isTransactional  xs:boolean    false    
isLogged  xs:boolean    false    
annotation
documentation
Security properties of Technology Function
source <xs:complexType name="TechnologyFunction">
 
<xs:annotation>
   
<xs:documentation>Security properties of Technology Function</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:sequence>
       
<xs:choice minOccurs="0" maxOccurs="1">
         
<!-- the execution frequency & period are used to express how often the process is performed e.g. 10 - 20 times per week-->
         
<xs:element name="executionFrequency" type="custom:IntegerRange"/>
         
<xs:element name="executionPeriod" type="xs:duration"/>
       
</xs:choice>
     
</xs:sequence>
     
<xs:attributeGroup ref="tog:TechBehaviourAttributes"/>
   
</xs:extension>
 
</xs:complexContent>
</xs:complexType>

element TechnologyFunction/executionFrequency
diagram SecurityOverlay_p52.png
namespace https://sabsa.org/the-sabsa-institute
type custom:IntegerRange
properties
content complex
children custom:min custom:mode custom:max
source <xs:element name="executionFrequency" type="custom:IntegerRange"/>

element TechnologyFunction/executionPeriod
diagram SecurityOverlay_p53.png
namespace https://sabsa.org/the-sabsa-institute
type xs:duration
properties
content simple
source <xs:element name="executionPeriod" type="xs:duration"/>

complexType TechnologyInteraction
diagram SecurityOverlay_p54.png
namespace https://sabsa.org/the-sabsa-institute
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description tsi:executionFrequency tsi:executionPeriod
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
criticality  custom:QualitativeScale    UNCLASSIFIED    
privilege  custom:ApplicationRoleType  required      
piiLegalBasis  custom:PIILegalBasis  optional      
isTransactional  xs:boolean    false    
isLogged  xs:boolean    false    
segregationOfDuty  custom:SegregationType  required      
annotation
documentation
Security properties of Technology Interaction
source <xs:complexType name="TechnologyInteraction">
 
<xs:annotation>
   
<xs:documentation>Security properties of Technology Interaction</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:sequence>
       
<xs:choice minOccurs="0" maxOccurs="1">
         
<!-- the execution frequency & period are used to express how often the process is performed e.g. 10 - 20 times per week-->
         
<xs:element name="executionFrequency" type="custom:IntegerRange"/>
         
<xs:element name="executionPeriod" type="xs:duration"/>
       
</xs:choice>
     
</xs:sequence>
     
<xs:attributeGroup ref="tog:TechBehaviourAttributes"/>
     
<xs:attribute name="segregationOfDuty" type="custom:SegregationType" use="required"/>
   
</xs:extension>
 
</xs:complexContent>
</xs:complexType>

attribute TechnologyInteraction/@segregationOfDuty
type custom:SegregationType
properties
use required
facets
Kind Value Annotation
enumeration NONE
enumeration BY-ACTOR
enumeration BY-ROLE
source <xs:attribute name="segregationOfDuty" type="custom:SegregationType" use="required"/>

element TechnologyInteraction/executionFrequency
diagram SecurityOverlay_p55.png
namespace https://sabsa.org/the-sabsa-institute
type custom:IntegerRange
properties
content complex
children custom:min custom:mode custom:max
source <xs:element name="executionFrequency" type="custom:IntegerRange"/>

element TechnologyInteraction/executionPeriod
diagram SecurityOverlay_p56.png
namespace https://sabsa.org/the-sabsa-institute
type xs:duration
properties
content simple
source <xs:element name="executionPeriod" type="xs:duration"/>

complexType TechnologyProcess
diagram SecurityOverlay_p57.png
namespace https://sabsa.org/the-sabsa-institute
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description tsi:executionFrequency tsi:executionPeriod
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
criticality  custom:QualitativeScale    UNCLASSIFIED    
privilege  custom:ApplicationRoleType  required      
piiLegalBasis  custom:PIILegalBasis  optional      
isTransactional  xs:boolean    false    
isLogged  xs:boolean    false    
annotation
documentation
Security properties of Technology Process
source <xs:complexType name="TechnologyProcess">
 
<xs:annotation>
   
<xs:documentation>Security properties of Technology Process</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:sequence>
       
<xs:choice minOccurs="0" maxOccurs="1">
         
<!-- the execution frequency & period are used to express how often the process is performed e.g. 10 - 20 times per week-->
         
<xs:element name="executionFrequency" type="custom:IntegerRange"/>
         
<xs:element name="executionPeriod" type="xs:duration"/>
       
</xs:choice>
     
</xs:sequence>
     
<xs:attributeGroup ref="tog:TechBehaviourAttributes"/>
   
</xs:extension>
 
</xs:complexContent>
</xs:complexType>

element TechnologyProcess/executionFrequency
diagram SecurityOverlay_p58.png
namespace https://sabsa.org/the-sabsa-institute
type custom:IntegerRange
properties
content complex
children custom:min custom:mode custom:max
source <xs:element name="executionFrequency" type="custom:IntegerRange"/>

element TechnologyProcess/executionPeriod
diagram SecurityOverlay_p59.png
namespace https://sabsa.org/the-sabsa-institute
type xs:duration
properties
content simple
source <xs:element name="executionPeriod" type="xs:duration"/>

complexType TechnologyService
diagram SecurityOverlay_p60.png
namespace https://sabsa.org/the-sabsa-institute
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
identityProof  custom:ControlBaseline    STANDARD    
authenticationStrength  custom:ControlBaseline    STANDARD    
authenticatorTrust  custom:ControlBaseline    STANDARD    
availability  custom:QualitativeScale    UNCLASSIFIED    
capacity  xs:nonNegativeInteger  optional      
latency  xs:float  optional      
rto  xs:duration  required      
rpo  xs:duration  required      
annotation
documentation
Defines a Technology Service's requirements, i.e. from the perspective of the Service Provider
source <xs:complexType name="TechnologyService">
 
<xs:annotation>
   
<xs:documentation>Defines a Technology Service's requirements, i.e. from the perspective of the Service Provider</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:attribute name="identityProof" type="custom:ControlBaseline" default="STANDARD"/>
     
<xs:attribute name="authenticationStrength" type="custom:ControlBaseline" default="STANDARD"/>
     
<xs:attribute name="authenticatorTrust" type="custom:ControlBaseline" default="STANDARD"/>
     
<xs:attribute name="availability" type="custom:QualitativeScale" default="UNCLASSIFIED"/>
     
<xs:attribute name="capacity" type="xs:nonNegativeInteger" use="optional"/>
     
<xs:attribute name="latency" type="xs:float" use="optional"/>
     
<xs:attribute name="rto" type="xs:duration" use="required"/>
     
<xs:attribute name="rpo" type="xs:duration" use="required"/>
   
</xs:extension>
   
<!-- enrolment & credential issuance processes bind the applicant to a real identity-->
   
<!-- the assurance strength of the authentication mechanism itself -->
   
<!-- assurance in the way the credential is presented, considering aspects such as bearer-type, one-time use, freshness, challenge/response etc. -->
   
<!-- Availability as an enumerated scale mapped to the organisation's operational scales, e.g. HIGH = 99.99% - 99.999% -->
    <!-- Evaluation of the required capacity / throughput (e.g. requests / minute) that the service can handle -->
    <!-- Evaluation of the required latency / response time that the service can handle -->
    <!-- Recovery Time Objective-->
    <!-- Recovery Point Objective-->
  </xs:complexContent>
</xs:complexType>

attribute TechnologyService/@identityProof
type custom:ControlBaseline
properties
default STANDARD
facets
Kind Value Annotation
enumeration STANDARD
enumeration ENHANCED
enumeration ASSURED
source <xs:attribute name="identityProof" type="custom:ControlBaseline" default="STANDARD"/>

attribute TechnologyService/@authenticationStrength
type custom:ControlBaseline
properties
default STANDARD
facets
Kind Value Annotation
enumeration STANDARD
enumeration ENHANCED
enumeration ASSURED
source <xs:attribute name="authenticationStrength" type="custom:ControlBaseline" default="STANDARD"/>

attribute TechnologyService/@authenticatorTrust
type custom:ControlBaseline
properties
default STANDARD
facets
Kind Value Annotation
enumeration STANDARD
enumeration ENHANCED
enumeration ASSURED
source <xs:attribute name="authenticatorTrust" type="custom:ControlBaseline" default="STANDARD"/>

attribute TechnologyService/@availability
type custom:QualitativeScale
properties
default UNCLASSIFIED
facets
Kind Value Annotation
enumeration NA
enumeration UNCLASSIFIED
enumeration VLOW
enumeration LOW
enumeration MODERATE
enumeration HIGH
enumeration VHIGH
source <xs:attribute name="availability" type="custom:QualitativeScale" default="UNCLASSIFIED"/>

attribute TechnologyService/@capacity
type xs:nonNegativeInteger
properties
use optional
source <xs:attribute name="capacity" type="xs:nonNegativeInteger" use="optional"/>

attribute TechnologyService/@latency
type xs:float
properties
use optional
source <xs:attribute name="latency" type="xs:float" use="optional"/>

attribute TechnologyService/@rto
type xs:duration
properties
use required
source <xs:attribute name="rto" type="xs:duration" use="required"/>

attribute TechnologyService/@rpo
type xs:duration
properties
use required
source <xs:attribute name="rpo" type="xs:duration" use="required"/>

attributeGroup TechBehaviourAttributes
namespace https://sabsa.org/the-sabsa-institute
attributes
Name  Type  Use  Default  Fixed  Annotation
criticality  custom:QualitativeScale    UNCLASSIFIED    
privilege  custom:ApplicationRoleType  required      
piiLegalBasis  custom:PIILegalBasis  optional      
isTransactional  xs:boolean    false    
isLogged  xs:boolean    false    
source <xs:attributeGroup name="TechBehaviourAttributes">
 
<!-- Enumerates the criticality of a Business behaviour-->
 
<xs:attribute name="criticality" type="custom:QualitativeScale" default="UNCLASSIFIED"/>
 
<!-- Enumerates the privilege level with which the behaviour is performed-->
 
<xs:attribute name="privilege" type="custom:ApplicationRoleType" use="required"/>
 
<!-- Enumerates the legal basis for any processing of Personally Identifiable Information e.g. GDPR -->
 
<xs:attribute name="piiLegalBasis" type="custom:PIILegalBasis" use="optional"/>
 
<!-- Indicates whether the processing is transaction safe - ACID properties -->
 
<xs:attribute name="isTransactional" type="xs:boolean" default="false"/>
 
<!-- Indicates whether the processing produces a transaction log -->
 
<xs:attribute name="isLogged" type="xs:boolean" default="false"/>
</xs:attributeGroup>

attribute TechBehaviourAttributes/@criticality
type custom:QualitativeScale
properties
default UNCLASSIFIED
facets
Kind Value Annotation
enumeration NA
enumeration UNCLASSIFIED
enumeration VLOW
enumeration LOW
enumeration MODERATE
enumeration HIGH
enumeration VHIGH
source <xs:attribute name="criticality" type="custom:QualitativeScale" default="UNCLASSIFIED"/>

attribute TechBehaviourAttributes/@privilege
type custom:ApplicationRoleType
properties
use required
facets
Kind Value Annotation
enumeration SELF
enumeration DELEGATE
enumeration IMPERSONATE
enumeration SYSTEM
source <xs:attribute name="privilege" type="custom:ApplicationRoleType" use="required"/>

attribute TechBehaviourAttributes/@piiLegalBasis
type custom:PIILegalBasis
properties
use optional
facets
Kind Value Annotation
enumeration COMPLIANCE
enumeration CONSENT
enumeration CONTROLLER_INTEREST
enumeration NECESSITY
enumeration PUBLIC_INTEREST
enumeration SUBJECT_INTEREST
source <xs:attribute name="piiLegalBasis" type="custom:PIILegalBasis" use="optional"/>

attribute TechBehaviourAttributes/@isTransactional
type xs:boolean
properties
default false
source <xs:attribute name="isTransactional" type="xs:boolean" default="false"/>

attribute TechBehaviourAttributes/@isLogged
type xs:boolean
properties
default false
source <xs:attribute name="isLogged" type="xs:boolean" default="false"/>

complexType Conceptualisation
diagram SecurityOverlay_p61.png
namespace https://sabsa.org/the-sabsa-institute
children tsi:name tsi:description
attributes
Name  Type  Use  Default  Fixed  Annotation
stereotypeOf  xs:QName      tog:Association  
isDirected  xs:boolean      true  
annotation
documentation
Defines a Conceptualisation relationship from a Business layer Element to a conceptual element
source <xs:complexType name="Conceptualisation">
 
<xs:annotation>
   
<xs:documentation>Defines a Conceptualisation relationship from a Business layer Element to a conceptual element</xs:documentation>
 
</xs:annotation>
 
<xs:sequence>
   
<xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1"/>
   
<xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>
 
</xs:sequence>
 
<xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Association"/>
 
<xs:attribute name="isDirected" type="xs:boolean" fixed="true"/>
</xs:complexType>

attribute Conceptualisation/@stereotypeOf
type xs:QName
properties
fixed tog:Association
source <xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Association"/>

attribute Conceptualisation/@isDirected
type xs:boolean
properties
fixed true
source <xs:attribute name="isDirected" type="xs:boolean" fixed="true"/>

element Conceptualisation/name
diagram SecurityOverlay_p62.png
namespace https://sabsa.org/the-sabsa-institute
type xs:string
properties
content simple
source <xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1"/>

element Conceptualisation/description
diagram SecurityOverlay_p63.png
namespace https://sabsa.org/the-sabsa-institute
type xs:string
properties
minOcc 0
maxOcc 1
content simple
source <xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>

complexType RACI
diagram SecurityOverlay_p64.png
namespace https://sabsa.org/the-sabsa-institute
type extension of tog:Association
properties
base tog:Association
children tog:name tog:description tsi:name
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
sourceCardinality  xs:nonNegativeInteger    1    
targetCardinality  xs:nonNegativeInteger    1    
isDirected  xs:boolean    false    
stereotypeOf  xs:QName      tog:Association  
isDirected  xs:boolean      true  
annotation
documentation
Defines a RACI relationship
source <xs:complexType name="RACI">
<!-- A RACI relationship: extends tog:Association and adds one mandatory name element typed tsi:RACIType (RESPONSIBLE, ACCOUNTABLE, CONSULTED or INFORMED per the facet listing). -->
 
<xs:annotation>
   
<xs:documentation>Defines a RACI relationship</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:Association">
     
<xs:sequence>
       
<!-- This name element carries the RACI role; the children listing also shows tog:name, so an instance has both a tog:name and this role-typed name. -->
<xs:element name="name" type="tsi:RACIType" minOccurs="1" maxOccurs="1"/>
     
</xs:sequence>
     
<xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Association"/>
     
<!-- NOTE(review): the attribute listing shows isDirected twice, once with default false (presumably inherited from tog:Association) and once fixed to true from this declaration. Redeclaring an inherited attribute in an extension is normally rejected by strict XSD processors; confirm the schema validates and which value tools actually apply. -->
<xs:attribute name="isDirected" type="xs:boolean" fixed="true"/>
   
</xs:extension>
 
</xs:complexContent>
</xs:complexType>

attribute RACI/@stereotypeOf
type xs:QName
properties
fixed tog:Association
source <xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Association"/>

attribute RACI/@isDirected
type xs:boolean
properties
fixed true
source <xs:attribute name="isDirected" type="xs:boolean" fixed="true"/>

element RACI/name
diagram SecurityOverlay_p65.png
namespace https://sabsa.org/the-sabsa-institute
type tsi:RACIType
properties
content simple
facets
Kind Value Annotation
enumeration RESPONSIBLE
enumeration ACCOUNTABLE
enumeration CONSULTED
enumeration INFORMED
source <xs:element name="name" type="tsi:RACIType" minOccurs="1" maxOccurs="1"/>

complexType Realisation
diagram SecurityOverlay_p66.png
namespace https://sabsa.org/the-sabsa-institute
children tsi:name tsi:description
attributes
Name  Type  Use  Default  Fixed  Annotation
stereotypeOf  xs:QName      tog:Association  
isDirected  xs:boolean      true  
annotation
documentation
Alternative form of a Realisation relationship used as a workaround
source <xs:complexType name="Realisation">
 
<xs:annotation>
   
<xs:documentation>Alternative form of a Realisation relationship used as a workaround</xs:documentation>
 
</xs:annotation>
 
<xs:sequence>
   
<xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1"/>
   
<xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>
 
</xs:sequence>
 
<xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Association"/>
 
<xs:attribute name="isDirected" type="xs:boolean" fixed="true"/>
</xs:complexType>

attribute Realisation/@stereotypeOf
type xs:QName
properties
fixed tog:Association
source <xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Association"/>

attribute Realisation/@isDirected
type xs:boolean
properties
fixed true
source <xs:attribute name="isDirected" type="xs:boolean" fixed="true"/>

element Realisation/name
diagram SecurityOverlay_p67.png
namespace https://sabsa.org/the-sabsa-institute
type xs:string
properties
content simple
source <xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1"/>

element Realisation/description
diagram SecurityOverlay_p68.png
namespace https://sabsa.org/the-sabsa-institute
type xs:string
properties
minOcc 0
maxOcc 1
content simple
source <xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>

complexType trusts
diagram SecurityOverlay_p69.png
namespace https://sabsa.org/the-sabsa-institute
children tsi:name tsi:description
attributes
Name  Type  Use  Default  Fixed  Annotation
stereotypeOf  xs:QName      tog:Flow  
isDirected  xs:boolean      true  
annotation
documentation
A trust relationship extended from source element to target element
source <xs:complexType name="trusts">
 
<xs:annotation>
   
<xs:documentation>A trust relationship extended from source element to target element</xs:documentation>
 
</xs:annotation>
 
<xs:sequence>
   
<xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1"/>
   
<xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>
 
</xs:sequence>
 
<xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Flow"/>
 
<xs:attribute name="isDirected" type="xs:boolean" fixed="true"/>
</xs:complexType>

attribute trusts/@stereotypeOf
type xs:QName
properties
fixed tog:Flow
source <xs:attribute name="stereotypeOf" type="xs:QName" fixed="tog:Flow"/>

attribute trusts/@isDirected
type xs:boolean
properties
fixed true
source <xs:attribute name="isDirected" type="xs:boolean" fixed="true"/>

element trusts/name
diagram SecurityOverlay_p70.png
namespace https://sabsa.org/the-sabsa-institute
type xs:string
properties
content simple
source <xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1"/>

element trusts/description
diagram SecurityOverlay_p71.png
namespace https://sabsa.org/the-sabsa-institute
type xs:string
properties
minOcc 0
maxOcc 1
content simple
source <xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>

simpleType RACIType
namespace https://sabsa.org/the-sabsa-institute
type restriction of xs:NMTOKEN
properties
base xs:NMTOKEN
used by
element RACI/name
facets
Kind Value Annotation
enumeration RESPONSIBLE
enumeration ACCOUNTABLE
enumeration CONSULTED
enumeration INFORMED
annotation
documentation
Enumerates RACI roles
source <xs:simpleType name="RACIType">
 
<xs:annotation>
   
<xs:documentation>Enumerates RACI roles</xs:documentation>
 
</xs:annotation>
 
<xs:restriction base="xs:NMTOKEN">
   
<xs:enumeration value="RESPONSIBLE"/>
   
<xs:enumeration value="ACCOUNTABLE"/>
   
<xs:enumeration value="CONSULTED"/>
   
<xs:enumeration value="INFORMED"/>
 
</xs:restriction>
</xs:simpleType>

complexType CodeAuthenticity
diagram SecurityOverlay_p72.png
namespace https://sabsa.org/custom
type extension of xs:hexBinary
properties
base xs:hexBinary
used by
element SystemSoftware/authenticityCheck
attributes
Name  Type  Use  Default  Fixed  Annotation
fileName  xs:Name  required      
checkType  custom:TamperProtection  required      
annotation
documentation
A structure that enables the Vendor's code integrity check to be validated.
source <xs:complexType name="CodeAuthenticity">
 
<xs:annotation>
   
<xs:documentation>A structure that enables the Vendor's code integrity check to be validated.</xs:documentation>
 
</xs:annotation>
 
<xs:simpleContent>
   
<xs:extension base="xs:hexBinary">
     
<xs:attribute name="fileName" type="xs:Name" use="required"/>
     
<xs:attribute name="checkType" type="custom:TamperProtection" use="required"/>
   
</xs:extension>
 
</xs:simpleContent>
</xs:complexType>

attribute CodeAuthenticity/@fileName
type xs:Name
properties
use required
source <xs:attribute name="fileName" type="xs:Name" use="required"/>

attribute CodeAuthenticity/@checkType
type custom:TamperProtection
properties
use required
facets
Kind Value Annotation
enumeration NONE
enumeration CHECKSUM
enumeration MD5
enumeration HMAC
enumeration SHA1
enumeration SHA2
enumeration SIGNATURE
source <xs:attribute name="checkType" type="custom:TamperProtection" use="required"/>
<!-- NOTE(review): of the TamperProtection values listed above, NONE gives no protection, CHECKSUM only catches accidental corruption, and MD5 and SHA1 are no longer collision-resistant. None of these four should be accepted as evidence that vendor code is unmodified. -->
<!-- NOTE(review): an unkeyed digest (SHA2 included) shows integrity only when the reference value itself is obtained over an authenticated channel, and HMAC requires a key shared with the vendor. SIGNATURE is presumably the only value that also authenticates the publisher; confirm against the TamperProtection definition. -->

complexType HumanInterfaceTyoe
diagram SecurityOverlay_p73.png
namespace https://sabsa.org/custom
used by
elements ApplicationInterface/humanInterface TechnologyInterface/humanInterface
attributes
Name  Type  Use  Default  Fixed  Annotation
userType  custom:UserType      HUMAN  
type  derived by: xs:NMTOKEN        
annotation
documentation
Broad classification of human interfaces
source <xs:complexType name="HumanInterfaceTyoe">
 
<xs:annotation>
   
<xs:documentation>Broad classification of human interfaces</xs:documentation>
 
</xs:annotation>
 
<xs:attribute name="userType" type="custom:UserType" fixed="HUMAN"/>
 
<xs:attribute name="type">
   
<xs:simpleType>
     
<xs:restriction base="xs:NMTOKEN">
       
<xs:enumeration value="GUI"/>
       
<xs:enumeration value="COMMANDLINE"/>
       
<xs:enumeration value="VOICE"/>
       
<!-- Graphical UI. -->
       
<!-- Command line. -->
       
<!-- Voice Controlled. -->
     
</xs:restriction>
   
</xs:simpleType>
 
</xs:attribute>
</xs:complexType>

attribute HumanInterfaceTyoe/@userType
type custom:UserType
properties
fixed HUMAN
facets
Kind Value Annotation
enumeration HUMAN
enumeration MACHINE
source <xs:attribute name="userType" type="custom:UserType" fixed="HUMAN"/>

attribute HumanInterfaceTyoe/@type
type restriction of xs:NMTOKEN
facets
Kind Value Annotation
enumeration GUI
enumeration COMMANDLINE
enumeration VOICE
source <xs:attribute name="type">
 
<xs:simpleType>
   
<xs:restriction base="xs:NMTOKEN">
     
<xs:enumeration value="GUI"/>
     
<xs:enumeration value="COMMANDLINE"/>
     
<xs:enumeration value="VOICE"/>
     
<!-- Graphical UI. -->
     
<!-- Command line. -->
     
<!-- Voice Controlled. -->
   
</xs:restriction>
 
</xs:simpleType>
</xs:attribute>

complexType IntegerRange
diagram SecurityOverlay_p74.png
namespace https://sabsa.org/custom
children custom:min custom:mode custom:max
used by
elements BusinessFunction/executionFrequency BusinessProcess/executionFrequency BusinessInteraction/executionFrequency ApplicationFunction/executionFrequency ApplicationProcess/executionFrequency ApplicationInteraction/executionFrequency TechnologyFunction/executionFrequency TechnologyProcess/executionFrequency TechnologyInteraction/executionFrequency BusinessActor/populationRange TechnologyFunction/executionFrequency TechnologyProcess/executionFrequency TechnologyInteraction/executionFrequency DataSubject/populationRange ThreatAgent/populationRange
annotation
documentation
Defines an Integer Range for use in qualitative methods that contains a {minimum, mode, maximum} triple
source <xs:complexType name="IntegerRange">
 
<xs:annotation>
   
<xs:documentation>Defines an Integer Range for use in qualitative methods that contains a {minimum, mode, maximum} triple</xs:documentation>
 
</xs:annotation>
 
<!-- Three mandatory non-negative integers, in the fixed order min, mode, max. -->
<!-- NOTE(review): the schema does not enforce min <= mode <= max, and xs:nonNegativeInteger has no upper bound. Consumers that feed these values into frequency or population estimates should check the ordering and range-check before converting to a fixed-width integer. -->
<xs:sequence>
   
<!-- min: sets the 5% confidence interval (lower bound of the estimate). -->
   
<xs:element name="min" type="xs:nonNegativeInteger" minOccurs="1" maxOccurs="1"/>
   
<!-- mode: the most likely value. -->
   
<xs:element name="mode" type="xs:nonNegativeInteger" minOccurs="1" maxOccurs="1"/>
   
<!-- max: sets the 95% confidence interval (upper bound of the estimate). -->
   
<xs:element name="max" type="xs:nonNegativeInteger" minOccurs="1" maxOccurs="1"/>
 
</xs:sequence>
</xs:complexType>

element IntegerRange/min
diagram SecurityOverlay_p75.png
namespace https://sabsa.org/custom
type xs:nonNegativeInteger
properties
content simple
source <xs:element name="min" type="xs:nonNegativeInteger" minOccurs="1" maxOccurs="1"/>

element IntegerRange/mode
diagram SecurityOverlay_p76.png
namespace https://sabsa.org/custom
type xs:nonNegativeInteger
properties
content simple
source <xs:element name="mode" type="xs:nonNegativeInteger" minOccurs="1" maxOccurs="1"/>

element IntegerRange/max
diagram SecurityOverlay_p77.png
namespace https://sabsa.org/custom
type xs:nonNegativeInteger
properties
content simple
source <xs:element name="max" type="xs:nonNegativeInteger" minOccurs="1" maxOccurs="1"/>

complexType MachineInterfaceTyoe
diagram SecurityOverlay_p78.png
namespace https://sabsa.org/custom
used by
elements ApplicationInterface/machineInterface TechnologyInterface/machineInterface
attributes
Name  Type  Use  Default  Fixed  Annotation
userType  custom:UserType      MACHINE  
type  derived by: xs:NMTOKEN        
annotation
documentation
Broad classification of machine interfaces
source <xs:complexType name="MachineInterfaceTyoe">
 
<xs:annotation>
   
<xs:documentation>Broad classification of machine interfaces</xs:documentation>
 
</xs:annotation>
 
<xs:attribute name="userType" type="custom:UserType" fixed="MACHINE"/>
 
<xs:attribute name="type">
   
<xs:simpleType>
     
<xs:restriction base="xs:NMTOKEN">
       
<xs:enumeration value="API"/>
       
<xs:enumeration value="MESSAGE"/>
       
<xs:enumeration value="REST"/>
       
<xs:enumeration value="SOAP"/>
       
<xs:enumeration value="RPC"/>
       
<!--API. -->
       
<!-- Message-oriented.Middleware -->
       
<!-- REST -->
       
<!--  SOAP. -->
       
<!--  RPC. -->
     
</xs:restriction>
   
</xs:simpleType>
 
</xs:attribute>
</xs:complexType>

attribute MachineInterfaceTyoe/@userType
type custom:UserType
properties
fixed MACHINE
facets
Kind Value Annotation
enumeration HUMAN
enumeration MACHINE
source <xs:attribute name="userType" type="custom:UserType" fixed="MACHINE"/>

attribute MachineInterfaceTyoe/@type
type restriction of xs:NMTOKEN
facets
Kind Value Annotation
enumeration API
enumeration MESSAGE
enumeration REST
enumeration SOAP
enumeration RPC
source <xs:attribute name="type">
 
<xs:simpleType>
   
<xs:restriction base="xs:NMTOKEN">
     
<xs:enumeration value="API"/>
     
<xs:enumeration value="MESSAGE"/>
     
<xs:enumeration value="REST"/>
     
<xs:enumeration value="SOAP"/>
     
<xs:enumeration value="RPC"/>
     
<!--API. -->
     
<!-- Message-oriented.Middleware -->
     
<!-- REST -->
     
<!--  SOAP. -->
     
<!--  RPC. -->
   
</xs:restriction>
 
</xs:simpleType>
</xs:attribute>

complexType PII
diagram SecurityOverlay_p79.png
namespace https://sabsa.org/custom
used by
element BusinessObject/pii
attributes
Name  Type  Use  Default  Fixed  Annotation
classification  custom:piiClassification    NONE    
couldBeMinor  xs:boolean    false    
reviewPeriod  xs:duration  optional      
source <xs:complexType name="PII">
 
<!-- Personal-data marking carried by BusinessObject/pii: a classification (NONE, PERSONAL or SENSITIVE-PERSONAL), a flag for data that may relate to a minor, and an optional review period. -->
<!-- NOTE(review): classification defaults to NONE, so an object whose classification was never assessed validates exactly like one assessed as holding no personal data. Consumers should treat an absent attribute as "not yet classified" rather than as a finding. -->
<xs:attribute name="classification" type="custom:piiClassification" default="NONE"/>
 
<!-- NOTE(review): defaults to false; as with classification, absence cannot be told apart from an explicit "no". -->
<xs:attribute name="couldBeMinor" type="xs:boolean" default="false"/>
 
<!-- Optional xs:duration (for example P1Y); presumably the interval at which the marking is re-assessed. TODO confirm. -->
<xs:attribute name="reviewPeriod" type="xs:duration" use="optional"/>
</xs:complexType>

attribute PII/@classification
type custom:piiClassification
properties
default NONE
facets
Kind Value Annotation
enumeration NONE
enumeration PERSONAL
enumeration SENSITIVE-PERSONAL
source <xs:attribute name="classification" type="custom:piiClassification" default="NONE"/>

attribute PII/@couldBeMinor
type xs:boolean
properties
default false
source <xs:attribute name="couldBeMinor" type="xs:boolean" default="false"/>

attribute PII/@reviewPeriod
type xs:duration
properties
use optional
source <xs:attribute name="reviewPeriod" type="xs:duration" use="optional"/>

complexType ProbabilityDist
diagram SecurityOverlay_p80.png
namespace https://sabsa.org/custom
children custom:low custom:mode custom:high
used by
elements Value/valueDistribution Risk/annualLossExpectancy Impact/lossDistribution Threat/ThreatEventDistribution Vulnerability/vulnerabilityDistribution
annotation
documentation
Defines a Probability Distribution structure for use in qualitative methods that contains a {minimum, mode, maximum} triple
source <xs:complexType name="ProbabilityDist">
 
<xs:annotation>
   
<xs:documentation>Defines a Probability Distribution structure for use in qualitative methods that contains a {minimum, mode, maximum} triple</xs:documentation>
 
</xs:annotation>
 
<!-- Three mandatory xs:float values in the fixed order low, mode, high. The annotation calls them minimum and maximum, while the element comments below describe low and high as the 5% and 95% confidence bounds. -->
<!-- NOTE(review): xs:float also admits NaN, INF, -INF and negative numbers, and the schema does not enforce low <= mode <= high. This type feeds Risk/annualLossExpectancy, Impact/lossDistribution, Threat/ThreatEventDistribution and Vulnerability/vulnerabilityDistribution, so consumers should reject non-finite or mis-ordered triples before using them in a risk calculation. -->
<xs:sequence>
   
<!-- low: sets the 5% confidence interval. -->
   
<xs:element name="low" type="xs:float" minOccurs="1" maxOccurs="1"/>
   
<!-- mode: the most likely value. -->
   
<xs:element name="mode" type="xs:float" minOccurs="1" maxOccurs="1"/>
   
<!-- high: sets the 95% confidence interval. -->
   
<xs:element name="high" type="xs:float" minOccurs="1" maxOccurs="1"/>
 
</xs:sequence>
</xs:complexType>

element ProbabilityDist/low
diagram SecurityOverlay_p81.png
namespace https://sabsa.org/custom
type xs:float
properties
content simple
source <xs:element name="low" type="xs:float" minOccurs="1" maxOccurs="1"/>

element ProbabilityDist/mode
diagram SecurityOverlay_p82.png
namespace https://sabsa.org/custom
type xs:float
properties
content simple
source <xs:element name="mode" type="xs:float" minOccurs="1" maxOccurs="1"/>

element ProbabilityDist/high
diagram SecurityOverlay_p83.png
namespace https://sabsa.org/custom
type xs:float
properties
content simple
source <xs:element name="high" type="xs:float" minOccurs="1" maxOccurs="1"/>

complexType ProtectionProfile
diagram SecurityOverlay_p84.png
namespace https://sabsa.org/custom
children custom:name custom:description
used by
elements Requirement/profile ControlObjective/profile ComplianceObjective/profile
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
namespace  xs:QName      SABSA  
identify  custom:ControlStrength  required      
deter  custom:ControlStrength  required      
protect  custom:ControlStrength  required      
detect  custom:ControlStrength  required      
respond  custom:ControlStrength  required      
recover  custom:ControlStrength  required      
source <xs:complexType name="ProtectionProfile">
 
<xs:sequence>
   
<xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1"/>
   
<xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>
 
</xs:sequence>
 
<xs:attribute name="id" type="xs:ID" use="required"/>
 
<xs:attribute name="namespace" type="xs:QName" fixed="SABSA"/>
 
<xs:attribute name="identify" type="custom:ControlStrength" use="required"/>
 
<xs:attribute name="deter" type="custom:ControlStrength" use="required"/>
 
<xs:attribute name="protect" type="custom:ControlStrength" use="required"/>
 
<xs:attribute name="detect" type="custom:ControlStrength" use="required"/>
 
<xs:attribute name="respond" type="custom:ControlStrength" use="required"/>
 
<xs:attribute name="recover" type="custom:ControlStrength" use="required"/>
</xs:complexType>

attribute ProtectionProfile/@id
type xs:ID
properties
use required
source <xs:attribute name="id" type="xs:ID" use="required"/>

attribute ProtectionProfile/@namespace
type xs:QName
properties
fixed SABSA
source <xs:attribute name="namespace" type="xs:QName" fixed="SABSA"/>

attribute ProtectionProfile/@identify
type custom:ControlStrength
properties
use required
facets
Kind Value Annotation
enumeration NA
enumeration WEAK
enumeration MODERATE
enumeration STRONG
enumeration VSTRONG
source <xs:attribute name="identify" type="custom:ControlStrength" use="required"/>

attribute ProtectionProfile/@deter
type custom:ControlStrength
properties
use required
facets
Kind Value Annotation
enumeration NA
enumeration WEAK
enumeration MODERATE
enumeration STRONG
enumeration VSTRONG
source <xs:attribute name="deter" type="custom:ControlStrength" use="required"/>

attribute ProtectionProfile/@protect
type custom:ControlStrength
properties
use required
facets
Kind Value Annotation
enumeration NA
enumeration WEAK
enumeration MODERATE
enumeration STRONG
enumeration VSTRONG
source <xs:attribute name="protect" type="custom:ControlStrength" use="required"/>

attribute ProtectionProfile/@detect
type custom:ControlStrength
properties
use required
facets
Kind Value Annotation
enumeration NA
enumeration WEAK
enumeration MODERATE
enumeration STRONG
enumeration VSTRONG
source <xs:attribute name="detect" type="custom:ControlStrength" use="required"/>

attribute ProtectionProfile/@respond
type custom:ControlStrength
properties
use required
facets
Kind Value Annotation
enumeration NA
enumeration WEAK
enumeration MODERATE
enumeration STRONG
enumeration VSTRONG
source <xs:attribute name="respond" type="custom:ControlStrength" use="required"/>

attribute ProtectionProfile/@recover
type custom:ControlStrength
properties
use required
facets
Kind Value Annotation
enumeration NA
enumeration WEAK
enumeration MODERATE
enumeration STRONG
enumeration VSTRONG
source <xs:attribute name="recover" type="custom:ControlStrength" use="required"/>

element ProtectionProfile/name
diagram SecurityOverlay_p85.png
namespace https://sabsa.org/custom
type xs:string
properties
content simple
source <xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1"/>

element ProtectionProfile/description
diagram SecurityOverlay_p86.png
namespace https://sabsa.org/custom
type xs:string
properties
minOcc 0
maxOcc 1
content simple
source <xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>

complexType Value
diagram SecurityOverlay_p87.png
namespace https://sabsa.org/custom
type extension of xs:float
properties
base xs:float
used by
elements ValueChain/finalValue ValueChain/margin ValueChain/materialCost ValueChain/processingCost ValueChain/secondaryCost
attributes
Name  Type  Use  Default  Fixed  Annotation
units  xs:NMTOKEN  required      
currencyCode  xs:NMTOKEN  optional      
source <xs:complexType name="Value">
 
<xs:simpleContent>
   
<xs:extension base="xs:float">
     
<xs:attribute name="units" type="xs:NMTOKEN" use="required"/>
     
<xs:attribute name="currencyCode" type="xs:NMTOKEN" use="optional"/>
   
</xs:extension>
 
</xs:simpleContent>
</xs:complexType>

attribute Value/@units
type xs:NMTOKEN
properties
use required
source <xs:attribute name="units" type="xs:NMTOKEN" use="required"/>

attribute Value/@currencyCode
type xs:NMTOKEN
properties
use optional
source <xs:attribute name="currencyCode" type="xs:NMTOKEN" use="optional"/>

simpleType AcidProperties
namespace https://sabsa.org/custom
type restriction of xs:NMTOKENS
properties
base xs:NMTOKENS
facets
Kind Value Annotation
enumeration ATOMIC
enumeration CONSISTENT
enumeration ISOLATED
enumeration DURABLE
annotation
documentation
Denotes which acid properties are exhibited by the behaviour
source <xs:simpleType name="AcidProperties">
 
<xs:annotation>
   
<xs:documentation>Denotes which acid properties are exhibited by the behaviour</xs:documentation>
 
</xs:annotation>
 
<!-- NOTE(review): the base is the list type xs:NMTOKENS, and an enumeration facet on a list type constrains the whole list value. As written, only a single token such as "ATOMIC" validates and "ATOMIC DURABLE" does not. If combinations are intended, as the documentation suggests, this likely needs an xs:list over an enumerated NMTOKEN item type; confirm with a validator. -->
<xs:restriction base="xs:NMTOKENS">
   
<xs:enumeration value="ATOMIC"/>
   
<xs:enumeration value="CONSISTENT"/>
   
<xs:enumeration value="ISOLATED"/>
   
<xs:enumeration value="DURABLE"/>
   
<!-- ATOMIC: each transaction is treated as a single "unit", which either succeeds completely or fails completely. -->
   
<!-- CONSISTENT: a transaction can only bring the database from one valid state to another. -->
   
<!-- ISOLATED: where functions execute concurrently (e.g. multi-threaded), threads do not interfere with each other. -->
   
<!-- DURABLE: once a transaction has been committed it remains committed, even after a system failure. -->
 
</xs:restriction>
</xs:simpleType>

simpleType AcquisitionType
namespace https://sabsa.org/custom
type restriction of xs:NMTOKEN
properties
base xs:NMTOKEN
used by
attributes SystemSoftware/@acquisitionModel ApplicationComponent/@acquisitionType
facets
Kind Value Annotation
enumeration UNCLASSIFIED
enumeration OWN_CUSTOM
enumeration VENDOR_CUSTOM
enumeration OPENSOURCE
enumeration COTS
enumeration GOTS
annotation
documentation
Enumerates the type of software acquisition
source <xs:simpleType name="AcquisitionType">
 
<xs:annotation>
   
<xs:documentation>Enumerates the type of software acquisition</xs:documentation>
 
</xs:annotation>
 
<xs:restriction base="xs:NMTOKEN">
   
<xs:enumeration value="UNCLASSIFIED"/>
   
<xs:enumeration value="OWN_CUSTOM"/>
   
<xs:enumeration value="VENDOR_CUSTOM"/>
   
<xs:enumeration value="OPENSOURCE"/>
   
<xs:enumeration value="COTS"/>
   
<xs:enumeration value="GOTS"/>
   
<!-- Unclassified - Classification Not Yet Performed -->
   
<!-- Bespoke own custom-build -->
   
<!-- Bespoke Vendor Outsource -->
   
<!-- Open Source -->
   
<!-- Commercial Off-the-Shelf -->
   
<!-- Government Off-the-Shelf -->
 
</xs:restriction>
</xs:simpleType>

simpleType AnonymityProtection
namespace https://sabsa.org/custom
type restriction of xs:NMTOKEN
properties
base xs:NMTOKEN
used by
attribute DataObject/@anonymisation
facets
Kind Value Annotation
enumeration NONE
enumeration MASK
enumeration REDACT
enumeration TOKEN
enumeration HASH
enumeration OBSFUCATE
annotation
documentation
Identifies methods used to protect private data
source <xs:simpleType name="AnonymityProtection">
 
<xs:annotation>
   
<xs:documentation>Identifies methods used to protect private data</xs:documentation>
 
</xs:annotation>
 
<!-- Single-valued marker used by DataObject/@anonymisation; it records which technique is applied, not how well it is applied. -->
<xs:restriction base="xs:NMTOKEN">
   
<xs:enumeration value="NONE"/>
   
<xs:enumeration value="MASK"/>
   
<xs:enumeration value="REDACT"/>
   
<xs:enumeration value="TOKEN"/>
   
<xs:enumeration value="HASH"/>
   
<xs:enumeration value="OBSFUCATE"/>
   
<!-- NONE: no mechanisms deployed. -->
   
<!-- MASK: uses data masking / redaction. -->
   
<!-- REDACT: uses data suppression. -->
   
<!-- TOKEN: uses token substitution. -->
   
<!-- HASH: uses hashing. NOTE(review): an unkeyed, unsalted hash of a low-entropy identifier (phone number, national ID, e-mail address) can be reversed by enumeration, so HASH alone should be read as pseudonymisation rather than anonymisation. -->
   
<!-- OBSFUCATE: uses obfuscation. NOTE(review): the value is a misspelling of OBFUSCATE, but instance documents depend on the literal, so it cannot be corrected without a migration. -->
 
</xs:restriction>
</xs:simpleType>

simpleType ApplicationRoleType
namespace https://sabsa.org/custom
type restriction of xs:NMTOKEN
properties
base xs:NMTOKEN
used by
attributes TechBehaviourAttributes/@privilege AppBehaviourAttributes/@privilege TechBehaviourAttributes/@privilege
facets
Kind Value Annotation
enumeration SELF
enumeration DELEGATE
enumeration IMPERSONATE
enumeration SYSTEM
annotation
documentation
Roles represent the duties of the Actor w.r.t. a given behaviour element
source <xs:simpleType name="ApplicationRoleType">
 
<xs:annotation>
   
<xs:documentation>Roles represent the duties of the Actor w.rT. a given behaviour element</xs:documentation>
 
</xs:annotation>
 
<!-- Identity under which a behaviour element executes; referenced by the @privilege attribute of TechBehaviourAttributes and AppBehaviourAttributes. The descriptions below are taken in order from the original trailing comments. -->
<xs:restriction base="xs:NMTOKEN">
   
<xs:enumeration value="SELF"/>
   
<xs:enumeration value="DELEGATE"/>
   
<xs:enumeration value="IMPERSONATE"/>
   
<xs:enumeration value="SYSTEM"/>
   
<!-- SELF: acting via a least-privilege account assigned to the application itself. -->
   
<!-- DELEGATE: acting with constrained delegation from the user. -->
   
<!-- IMPERSONATE: impersonates the user with full access rights. -->
   
<!-- SYSTEM: acting with full system rights. NOTE(review): IMPERSONATE and SYSTEM are the two values under which a flaw in the behaviour element exposes the widest set of rights; models using them merit explicit justification. -->
 
</xs:restriction>
</xs:simpleType>

simpleType BusinessInterfaceType
namespace https://sabsa.org/custom
type restriction of xs:NMTOKEN
properties
base xs:NMTOKEN
used by
attribute BusinessInterface/@type
facets
Kind Value Annotation
enumeration TELEPHONE
enumeration MAIL
enumeration APPOINTMENT
enumeration INTERNET-WEB
enumeration INTERNET-EMAIL
annotation
documentation
Enumeration of Interface type through which Business Services are offered.
source <xs:simpleType name="BusinessInterfaceType">
 
<xs:annotation>
   
<xs:documentation>Enumeration of Interface type through which Business Services are offered.</xs:documentation>
 
</xs:annotation>
 
<xs:restriction base="xs:NMTOKEN">
   
<xs:enumeration value="TELEPHONE"/>
   
<xs:enumeration value="MAIL"/>
   
<xs:enumeration value="APPOINTMENT"/>
   
<xs:enumeration value="INTERNET-WEB"/>
   
<xs:enumeration value="INTERNET-EMAIL"/>
   
<!-- Telephone -->
   
<!-- MAIL -->
   
<!-- APPOINTMENT -->
   
<!-- Web -->
   
<!-- eMAIL -->
 
</xs:restriction>
</xs:simpleType>

simpleType confidentialityClassification
namespace https://sabsa.org/custom
type restriction of xs:NMTOKEN
properties
base xs:NMTOKEN
used by
attribute BusinessObject/@confidentiality
facets
Kind Value Annotation
enumeration PUBLIC
enumeration RESTRICTED
enumeration CONFIDENTIAL
enumeration SECRET
enumeration TOPSECRET
annotation
documentation
Confidentiality Classification scheme to be adapted to local Data Handling Policy
source <xs:simpleType name="confidentialityClassification">
 
<xs:annotation>
   
<xs:documentation>Confidentiality Classification scheme to be adapted to local Data Handling Policy</xs:documentation>
 
</xs:annotation>
 
<xs:restriction base="xs:NMTOKEN">
   
<xs:enumeration value="PUBLIC"/>
   
<xs:enumeration value="RESTRICTED"/>
   
<xs:enumeration value="CONFIDENTIAL"/>
   
<xs:enumeration value="SECRET"/>
   
<xs:enumeration value="TOPSECRET"/>
   
<!-- Non-sensitive - public distribution -->
   
<!-- Non-classified - Restricted Distribution -->
   
<!-- CONFIDENTIAL - DISCRETIONARY ACCESS -->
   
<!-- SECRET - MANDATORY ACCESS - -->
   
<!-- TOP SECRET - STRICT MANDATORY ACCESS-->
 
</xs:restriction>
</xs:simpleType>

simpleType ConfidentialityProtection
namespace https://sabsa.org/custom
type restriction of xs:NMTOKEN
properties
base xs:NMTOKEN
used by
attribute DataObject/@encryption
facets
Kind Value Annotation
enumeration NONE
enumeration 3DES
enumeration AES
enumeration AES256
enumeration RSA
enumeration ECC
annotation
documentation
Enumerates Data-Centric Encryption - set of cypher suites
source <xs:simpleType name="ConfidentialityProtection">
 
<xs:annotation>
   
<xs:documentation>Enumerates Data-Centric Encryption - set of cypher suites</xs:documentation>
 
</xs:annotation>
 
<!-- Single-valued marker used by DataObject/@encryption. -->
<!-- NOTE(review): each value names an algorithm family only. Mode of operation, padding, key length (except AES256) and key management are not captured, so the attribute cannot on its own evidence adequate protection. -->
<xs:restriction base="xs:NMTOKEN">
   
<xs:enumeration value="NONE"/>
   
<xs:enumeration value="3DES"/>
   
<xs:enumeration value="AES"/>
   
<xs:enumeration value="AES256"/>
   
<xs:enumeration value="RSA"/>
   
<xs:enumeration value="ECC"/>
   
<!-- NONE: no mechanisms deployed. -->
   
<!-- 3DES: Triple DES. NOTE(review): a 64-bit block cipher that NIST has deprecated; treat as legacy and plan migration. -->
   
<!-- AES: AES, key size unspecified. -->
   
<!-- AES256: AES with a 256-bit key. -->
   
<!-- RSA: RSA. NOTE(review): asymmetric; normally used to wrap a symmetric key rather than to encrypt bulk data directly. -->
   
<!-- ECC: elliptic-curve cryptography; the same caveat as RSA applies. -->
 
</xs:restriction>
</xs:simpleType>

simpleType ControlApplicability
namespace https://sabsa.org/custom
type restriction of xs:NMTOKEN
properties
base xs:NMTOKEN
used by
attributes ControlObjective/@applicability ComplianceObjective/@applicability Requirement/@applicability
facets
Kind Value Annotation
enumeration GLOBAL
enumeration ORGANISATION
enumeration SYSTEM
enumeration COMPONENT
annotation
documentation
A set of enumerated types that can be used to indicate the Control scope
source <xs:simpleType name="ControlApplicability">
 
<xs:annotation>
   
<xs:documentation>A set of enumerated types that can be used to indicate the Control scope</xs:documentation>
 
</xs:annotation>
 
<xs:restriction base="xs:NMTOKEN">
   
<xs:enumeration value="GLOBAL"/>
   
<xs:enumeration value="ORGANISATION"/>
   
<xs:enumeration value="SYSTEM"/>
   
<xs:enumeration value="COMPONENT"/>
   
<!-- Global -->
   
<!-- Organisation -->
   
<!-- System -->
   
<!-- Component -->
 
</xs:restriction>
</xs:simpleType>

simpleType ControlBaseline
namespace https://sabsa.org/custom
type restriction of xs:NMTOKEN
properties
base xs:NMTOKEN
used by
attributes Credential/@authenticationAssurance TechnologyService/@authenticationStrength ApplicationInterface/@authenticationStrength ApplicationService/@authenticationStrength TechnologyInterface/@authenticationStrength TechnologyService/@authenticationStrength TechnologyService/@authenticatorTrust ApplicationInterface/@authenticatorTrust ApplicationService/@authenticatorTrust TechnologyInterface/@authenticatorTrust TechnologyService/@authenticatorTrust BusinessObject/@authenticity ControlObjective/@baseline ComplianceObjective/@baseline Requirement/@baseline Principal/@identityAssurance TechnologyService/@identityProof ApplicationService/@identityProof TechnologyService/@identityProof BusinessObject/@integrity
facets
Kind Value Annotation
enumeration STANDARD
enumeration ENHANCED
enumeration ASSURED
annotation
documentation
Indicates the level of the Control in a baselining system defined by a standard or maturity model.
source <xs:simpleType name="ControlBaseline">
 
<xs:annotation>
   
<xs:documentation>Indicates the level of the Control in a baselining system defined by a standard or maturity model.</xs:documentation>
 
</xs:annotation>
 
<xs:restriction base="xs:NMTOKEN">
   
<xs:enumeration value="STANDARD"/>
   
<xs:enumeration value="ENHANCED"/>
   
<xs:enumeration value="ASSURED"/>
   
<!-- Standard -->
   
<!-- Enhanced -->
   
<!-- Assured -->
 
</xs:restriction>
</xs:simpleType>

simpleType ControlStatus
namespace https://sabsa.org/custom
type restriction of xs:NMTOKEN
properties
base xs:NMTOKEN
used by
attributes ControlObjective/@status ComplianceObjective/@status Requirement/@status
facets
Kind Value Annotation
enumeration MANDATORY
enumeration ADVISORY
enumeration WITHDRAWN
enumeration PENDING
annotation
documentation
A set of enumerated types that can be used to track the Control lifecycle
source <xs:simpleType name="ControlStatus">
 
<xs:annotation>
   
<xs:documentation>A set of enumerated types that can be used to track the Control lifecycle</xs:documentation>
 
</xs:annotation>
 
<xs:restriction base="xs:NMTOKEN">
   
<xs:enumeration value="MANDATORY"/>
   
<xs:enumeration value="ADVISORY"/>
   
<xs:enumeration value="WITHDRAWN"/>
   
<xs:enumeration value="PENDING"/>
   
<!-- Mandatory -->
   
<!-- Advisory -->
   
<!-- Withdrawn -->
   
<!-- Pending -->
 
</xs:restriction>
</xs:simpleType>

simpleType ControlStrength
namespace https://sabsa.org/custom
type restriction of xs:NMTOKEN
properties
base xs:NMTOKEN
used by
attributes ProtectionProfile/@detect ProtectionProfile/@deter ProtectionProfile/@identify ProtectionProfile/@protect ProtectionProfile/@recover ProtectionProfile/@respond
facets
Kind Value Annotation
enumeration NA
enumeration WEAK
enumeration MODERATE
enumeration STRONG
enumeration VSTRONG
annotation
documentation
A qualitative measure of Control strength
source <xs:simpleType name="ControlStrength">
 
<xs:annotation>
   
<xs:documentation>A qualitative measure of Control strength</xs:documentation>
 
</xs:annotation>
 
<xs:restriction base="xs:NMTOKEN">
   
<xs:enumeration value="NA"/>
   
<xs:enumeration value="WEAK"/>
   
<xs:enumeration value="MODERATE"/>
   
<xs:enumeration value="STRONG"/>
   
<xs:enumeration value="VSTRONG"/>
   
<!-- Not Applicable -->
   
<!-- Weak -->
   
<!-- Moderate -->
   
<!-- Strong -->
   
<!-- Very Strong -->
 
</xs:restriction>
</xs:simpleType>

simpleType CredentialType
namespace https://sabsa.org/custom
type restriction of xs:NMTOKEN
properties
base xs:NMTOKEN
used by
attributes ApplicationInterface/@authenticator TechnologyInterface/@authenticator Credential/@type
facets
Kind Value Annotation
enumeration PIN
enumeration PASSWORD
enumeration SOFTTOKEN
enumeration INTERNET-APP
enumeration BIOMETRIC
enumeration HARDTOKEN
annotation
documentation
Enumeration of common forms of Credential.
source <xs:simpleType name="CredentialType">
 
<xs:annotation>
   
<xs:documentation>Enumeration of common forms of Credential.</xs:documentation>
 
</xs:annotation>
 
<!-- Used by ApplicationInterface/@authenticator, TechnologyInterface/@authenticator and Credential/@type. -->
<!-- NOTE(review): the base is a single xs:NMTOKEN, so one attribute value names one credential form. A multi-factor combination cannot be expressed in a single attribute and would have to be modelled some other way (verify how callers do this). -->
<xs:restriction base="xs:NMTOKEN">
   
<xs:enumeration value="PIN"/>
   
<xs:enumeration value="PASSWORD"/>
   
<xs:enumeration value="SOFTTOKEN"/>
   
<xs:enumeration value="INTERNET-APP"/>
   
<xs:enumeration value="BIOMETRIC"/>
   
<xs:enumeration value="HARDTOKEN"/>
   
<!-- PIN: PIN (knowledge factor). -->
   
<!-- PASSWORD: password (knowledge factor). -->
   
<!-- SOFTTOKEN: software token (possession factor held in software). -->
   
<!-- INTERNET-APP: mobile app. -->
   
<!-- BIOMETRIC: biometric (inherence factor). -->
   
<!-- HARDTOKEN: smartcard or hardware token (possession factor). -->
 
</xs:restriction>
</xs:simpleType>

simpleType DataType
namespace https://sabsa.org/custom
type restriction of xs:NMTOKEN
properties
base xs:NMTOKEN
used by
attribute Data/@type
facets
Kind Value Annotation
enumeration UNDEFINED
enumeration FILE
enumeration DB_RECORD
enumeration DB_FIELD
enumeration DB_TABLE
annotation
documentation
Enumerates different Persistence formats
source <xs:simpleType name="DataType">
 
<xs:annotation>
   
<xs:documentation>Enumerates different Persistence formats</xs:documentation>
 
</xs:annotation>
 
<xs:restriction base="xs:NMTOKEN">
   
<xs:enumeration value="UNDEFINED"/>
   
<xs:enumeration value="FILE"/>
   
<xs:enumeration value="DB_RECORD"/>
   
<xs:enumeration value="DB_FIELD"/>
   
<xs:enumeration value="DB_TABLE"/>
   
<!-- Undefined -->
   
<!-- File System -->
   
<!-- Database Record -->
   
<!-- Database Field -->
   
<!-- Database Table -->
 
</xs:restriction>
</xs:simpleType>

simpleType DaysOfWeek
namespace https://sabsa.org/custom
type restriction of xs:NMTOKENS
properties
base xs:NMTOKENS
used by
attribute ServiceHours/@dayOfWeek
facets
Kind Value Annotation
enumeration SUN
enumeration MON
enumeration TUE
enumeration WED
enumeration THU
enumeration FRI
enumeration SAT
annotation
documentation
An array containing one or more days of the week
source <xs:simpleType name="DaysOfWeek">
 
<xs:annotation>
   
<xs:documentation>An array containing one or more of days of the week</xs:documentation>
 
</xs:annotation>
 
<!-- Used by ServiceHours/@dayOfWeek. -->
<!-- NOTE(review): the base is the list type xs:NMTOKENS, and an enumeration facet on a list type constrains the whole list value. As written, only a single day such as "MON" validates and "MON TUE" does not, which contradicts the "one or more" in the documentation. This likely needs an xs:list over an enumerated NMTOKEN item type; confirm with a validator. -->
<xs:restriction base="xs:NMTOKENS">
   
<xs:enumeration value="SUN"/>
   
<xs:enumeration value="MON"/>
   
<xs:enumeration value="TUE"/>
   
<xs:enumeration value="WED"/>
   
<xs:enumeration value="THU"/>
   
<xs:enumeration value="FRI"/>
   
<xs:enumeration value="SAT"/>
 
</xs:restriction>
</xs:simpleType>

simpleType InterfaceExposure
namespace https://sabsa.org/custom
type restriction of xs:NMTOKEN
properties
base xs:NMTOKEN
used by
attributes ApplicationInterface/@interfaceExposure TechnologyInterface/@interfaceExposure
facets
Kind Value Annotation
enumeration LOCAL
enumeration REMOTE
annotation
documentation
Broad classification between local machine interfaces and those accessed over a network
source <xs:simpleType name="InterfaceExposure">
 
<!-- Two-value classification of where an interface can be reached from; referenced by ApplicationInterface/@interfaceExposure and TechnologyInterface/@interfaceExposure. -->
<xs:annotation>
   
<xs:documentation>Broad classification between local machine interfaces and those accessed over a network</xs:documentation>
 
</xs:annotation>
 
<xs:restriction base="xs:NMTOKEN">
   
<xs:enumeration value="LOCAL"/>
   
<xs:enumeration value="REMOTE"/>
   
<!-- The comments below describe the values above, in the same order. -->
   
<!-- LOCAL: interfaces accessible only via access to the local machine -->
   
<!-- REMOTE: interfaces exposed remotely via a network -->
 
</xs:restriction>
</xs:simpleType>

simpleType MalwareType
namespace https://sabsa.org/custom
type restriction of xs:NMTOKENS
properties
base xs:NMTOKENS
used by
attribute Malware/@type
facets
Kind Value Annotation
enumeration ADWARE
enumeration BACKDOOR
enumeration BOT
enumeration BOOTKIT
enumeration DDOS
enumeration DOWNLOADER
enumeration DROPPER
enumeration EXPLOIT-KIT
enumeration KEYLOGGER
enumeration RANSOMWARE
enumeration REMOTE-ACCESS-TROJAN
enumeration RESOURCE-EXPLOITATION
enumeration ROGUE-SECURITY-SOFTWARE
enumeration ROOTKIT
enumeration SCREEN-CAPTURE
enumeration SPYWARE
enumeration TROJAN
enumeration UNKNOWN
enumeration VIRUS
enumeration WEBSHELL
enumeration WIPER
enumeration WORM
annotation
documentation
Malware type is an open vocabulary that represents different types and functions of malware.
      Malware types are not mutually exclusive; for example, a malware instance can be both spyware and a screen capture tool.
source <xs:simpleType name="MalwareType">
 
<!-- Vocabulary of malware categories; referenced by Malware/@type. -->
<!-- NOTE(review): the documentation calls this an open vocabulary whose values are not mutually exclusive, but the enumeration facets make it a closed set for validation, and an enumeration on a list base (xs:NMTOKENS) constrains the whole list value. A combined value such as "SPYWARE SCREEN-CAPTURE" (constructed example) therefore matches none of the facets. If multi-valued classification is intended, the usual form is an xs:list whose itemType carries the enumeration. Confirm against instance documents. -->
<xs:annotation>
   
<xs:documentation>Malware type is an open vocabulary that represents different types and functions of malware.
      Malware types are not mutually exclusive; for example, a malware instance can be both spyware and a screen capture tool.
</xs:documentation>
 
</xs:annotation>
 
<xs:restriction base="xs:NMTOKENS">
   
<xs:enumeration value="ADWARE"/>
   
<xs:enumeration value="BACKDOOR"/>
   
<xs:enumeration value="BOT"/>
   
<xs:enumeration value="BOOTKIT"/>
   
<xs:enumeration value="DDOS"/>
   
<xs:enumeration value="DOWNLOADER"/>
   
<xs:enumeration value="DROPPER"/>
   
<xs:enumeration value="EXPLOIT-KIT"/>
   
<xs:enumeration value="KEYLOGGER"/>
   
<xs:enumeration value="RANSOMWARE"/>
   
<xs:enumeration value="REMOTE-ACCESS-TROJAN"/>
   
<xs:enumeration value="RESOURCE-EXPLOITATION"/>
   
<xs:enumeration value="ROGUE-SECURITY-SOFTWARE"/>
   
<xs:enumeration value="ROOTKIT"/>
   
<xs:enumeration value="SCREEN-CAPTURE"/>
   
<xs:enumeration value="SPYWARE"/>
   
<xs:enumeration value="TROJAN"/>
   
<xs:enumeration value="UNKNOWN"/>
   
<xs:enumeration value="VIRUS"/>
   
<xs:enumeration value="WEBSHELL"/>
   
<xs:enumeration value="WIPER"/>
   
<xs:enumeration value="WORM"/>
   
<!-- The comments below describe the values above, in the same order. -->
   
<!-- ADWARE: Any software that is funded by advertising. Adware may also gather sensitive user information from a system. -->
   
<!-- BACKDOOR: A malicious program that allows an attacker to perform actions on a remote system, such as transferring files, acquiring passwords, or executing arbitrary commands [NIST800-83]. -->
   
<!-- BOT: A program that resides on an infected system, communicating with and forming part of a botnet. The bot may be implanted by a worm or Trojan, which opens a backdoor. The bot then monitors the backdoor for further instructions. -->
   
<!-- BOOTKIT: A malicious program which targets the Master Boot Record of the target computer. -->
   
<!-- DDOS: A program that is used to perform a distributed denial of service attack. -->
   
<!-- DOWNLOADER: A small trojan file programmed to download and execute other files, usually more complex malware. -->
   
<!-- DROPPER: A type of trojan that deposits an enclosed payload (generally, other malware) onto the target computer. -->
   
<!-- EXPLOIT-KIT: A software toolkit to target common vulnerabilities. -->
   
<!-- KEYLOGGER: A type of malware that surreptitiously monitors keystrokes and either records them for later retrieval or sends them back to a central collection point. -->
   
<!-- RANSOMWARE: A type of malware that encrypts files on a victim's system, demanding payment of ransom in return for the access codes required to unlock files. -->
    <!-- REMOTE-ACCESS-TROJAN: A remote access trojan program (or RAT) is a trojan horse capable of controlling a machine through commands issued by a remote attacker. -->
    <!-- RESOURCE-EXPLOITATION: A type of malware that steals a system's resources (e.g., CPU cycles), such as a malicious bitcoin miner. -->
   
<!-- ROGUE-SECURITY-SOFTWARE: A fake security product that demands money to clean phony infections. -->
   
<!-- ROOTKIT: A type of malware that hides its files or processes from normal methods of monitoring in order to conceal its presence and activities. -->
   
<!-- SCREEN-CAPTURE: A type of malware used to capture images from the target system's screen, used for exfiltration and command and control. -->
   
<!-- SPYWARE: Software that gathers information on a user's system without their knowledge and sends it to another party. Spyware is generally used to track activities for the purpose of delivering advertising. -->
    <!-- TROJAN: Any malicious computer program which is used to hack into a computer by misleading users of its true intent. -->
    <!-- UNKNOWN: There is not enough information available to determine the type of malware. -->
    <!-- VIRUS: A malicious computer program that replicates by reproducing itself or infecting other programs by modifying them. -->
    <!-- WEBSHELL: A malicious script used by an attacker with the intent to escalate and maintain persistent access on an already compromised web application. -->
    <!-- WIPER: A piece of malware whose primary aim is to delete files or entire disks on a machine. -->
    <!-- WORM: A self-replicating, self-contained program that usually executes itself without user intervention. -->
  </xs:restriction>
</xs:simpleType>

simpleType OriginAssurance
namespace https://sabsa.org/custom
type restriction of xs:NMTOKEN
properties
base xs:NMTOKEN
used by
attribute DataObject/@authenticity
facets
Kind Value Annotation
enumeration NONE
enumeration SELF
enumeration ASSERTION
enumeration SHARED_SECRET
enumeration SIGNED
annotation
documentation
Identifies methods used to protect private data
source <xs:simpleType name="OriginAssurance">
 
<!-- Enumerates how the origin of data is vouched for; referenced by DataObject/@authenticity. -->
<!-- NOTE(review): the documentation text below speaks of protecting private data, while the values and the attribute that uses them describe origin/authenticity assurance. The text looks carried over from another type; confirm and correct in the schema. -->
<xs:annotation>
   
<xs:documentation>Identifies methods used to protect private data</xs:documentation>
 
</xs:annotation>
 
<xs:restriction base="xs:NMTOKEN">
   
<xs:enumeration value="NONE"/>
   
<xs:enumeration value="SELF"/>
   
<xs:enumeration value="ASSERTION"/>
   
<xs:enumeration value="SHARED_SECRET"/>
   
<xs:enumeration value="SIGNED"/>
   
<!-- The comments below describe the values above, in the same order. -->
   
<!-- NONE: no mechanisms deployed -->
   
<!-- SELF: self-declared assertion (the source vouches for itself) -->
   
<!-- ASSERTION: trusted assertion -->
   
<!-- SHARED_SECRET: shared secret; this can only show that some holder of the secret produced the data, so it does not distinguish between the parties that share it -->
   
<!-- SIGNED: digital signature -->
 
</xs:restriction>
</xs:simpleType>

simpleType PatchStatusType
namespace https://sabsa.org/custom
type restriction of xs:NMTOKEN
properties
base xs:NMTOKEN
used by
attribute SystemSoftware/@patchStatus
facets
Kind Value Annotation
enumeration UNKNOWN
enumeration DOWNLEVEL
enumeration CURRENT
annotation
documentation
Indicator of the patch status of the executable
source <xs:simpleType name="PatchStatusType">
 
<xs:annotation>
   
<xs:documentation>Indicator of the patch status of the executable</xs:documentation>
 
</xs:annotation>
 
<xs:restriction base="xs:NMTOKEN">
   
<xs:enumeration value="UNKNOWN"/>
   
<xs:enumeration value="DOWNLEVEL"/>
   
<xs:enumeration value="CURRENT"/>
   
<!-- Patch Status Unknown -->
   
<!-- Patch Status is known to be downlevel -->
   
<!-- Patch Status is at latest level -->
 
</xs:restriction>
</xs:simpleType>

simpleType piiClassification
namespace https://sabsa.org/custom
type restriction of xs:NMTOKEN
properties
base xs:NMTOKEN
used by
attribute PII/@classification
facets
Kind Value Annotation
enumeration NONE
enumeration PERSONAL
enumeration SENSITIVE-PERSONAL
annotation
documentation
Classification scheme for Personal Identifiable Information e.g. GDPR
source <xs:simpleType name="piiClassification">
 
<!-- Three-level privacy classification; referenced by PII/@classification. -->
<!-- NOTE(review): the PII attribute table on this page shows classification with default NONE, so an instance that omits the attribute validates as "no PII". Consumers of the model should treat a defaulted NONE as unassessed rather than as a confirmed absence of personal data, or the attribute should be made required. -->
<xs:annotation>
   
<xs:documentation> Classification scheme for Personal Identifiable Information e.g. GDPR</xs:documentation>
 
</xs:annotation>
 
<xs:restriction base="xs:NMTOKEN">
   
<xs:enumeration value="NONE"/>
   
<xs:enumeration value="PERSONAL"/>
   
<xs:enumeration value="SENSITIVE-PERSONAL"/>
   
<!-- The comments below describe the values above, in the same order. -->
   
<!-- NONE: no PII -->
   
<!-- PERSONAL: Personal Identifiable Information -->
   
<!-- SENSITIVE-PERSONAL: sensitive personal data, e.g. medical, political, sexual -->
 
</xs:restriction>
</xs:simpleType>

simpleType PIILegalBasis
namespace https://sabsa.org/custom
type restriction of xs:NMTOKEN
properties
base xs:NMTOKEN
used by
attributes BehaviourAttributes/@piiLegalBasis TechBehaviourAttributes/@piiLegalBasis AppBehaviourAttributes/@piiLegalBasis TechBehaviourAttributes/@piiLegalBasis
facets
Kind Value Annotation
enumeration COMPLIANCE
enumeration CONSENT
enumeration CONTROLLER_INTEREST
enumeration NECESSITY
enumeration PUBLIC_INTEREST
enumeration SUBJECT_INTEREST
annotation
documentation
Enumerates the legal basis for the processing of Personal Identifiable Information e.g. GDPR
source <xs:simpleType name="PIILegalBasis">
 
<!-- Legal basis under which a behaviour element processes personal data; referenced by the piiLegalBasis attribute of the behaviour attribute groups. -->
<!-- NOTE(review): the six values appear to correspond to the lawful bases of GDPR Article 6(1); confirm the mapping before relying on it for compliance reporting. The attribute tables on this page show piiLegalBasis as optional, so its absence does not by itself mean that no personal data is processed. -->
<xs:annotation>
   
<xs:documentation> Enumerates the legal basis for the processing of Personal Identifiable Information e.g. GDPR</xs:documentation>
 
</xs:annotation>
 
<xs:restriction base="xs:NMTOKEN">
   
<xs:enumeration value="COMPLIANCE"/>
   
<xs:enumeration value="CONSENT"/>
   
<xs:enumeration value="CONTROLLER_INTEREST"/>
   
<xs:enumeration value="NECESSITY"/>
   
<xs:enumeration value="PUBLIC_INTEREST"/>
   
<xs:enumeration value="SUBJECT_INTEREST"/>
   
<!-- The comments below describe the values above, in the same order. -->
   
<!-- COMPLIANCE: required for legal and compliance obligations -->
   
<!-- CONSENT: data subject consent -->
   
<!-- CONTROLLER_INTEREST: legitimate controller interest -->
   
<!-- NECESSITY: contractual necessity -->
   
<!-- PUBLIC_INTEREST: legitimate public interest -->
   
<!-- SUBJECT_INTEREST: subject's vital interest -->
  </xs:restriction>
</xs:simpleType>

simpleType Priority
namespace https://sabsa.org/custom
type restriction of xs:NMTOKEN
properties
base xs:NMTOKEN
facets
Kind Value Annotation
enumeration PRIORITY_1
enumeration PRIORITY_2
enumeration PRIORITY_3
enumeration PRIORITY_4
enumeration PRIORITY_5
annotation
documentation
Classification of Priorities e.g. for BCP Recovery Objective
source <xs:simpleType name="Priority">
 
<xs:annotation>
   
<xs:documentation>Classification of Priorities e.g. for BCP Recovery Objective</xs:documentation>
 
</xs:annotation>
 
<xs:restriction base="xs:NMTOKEN">
   
<xs:enumeration value="PRIORITY_1"/>
   
<xs:enumeration value="PRIORITY_2"/>
   
<xs:enumeration value="PRIORITY_3"/>
   
<xs:enumeration value="PRIORITY_4"/>
   
<xs:enumeration value="PRIORITY_5"/>
 
</xs:restriction>
</xs:simpleType>

simpleType PrivilegeType
namespace https://sabsa.org/custom
type restriction of xs:NMTOKEN
properties
base xs:NMTOKEN
used by
attributes BusinessRole/@privilege BehaviourAttributes/@privilege
facets
Kind Value Annotation
enumeration SELF
enumeration USER
enumeration ADMIN
enumeration ROOT
annotation
documentation
Roles represent the duties of the Actor w.rT. a given behaviour element
source <xs:simpleType name="PrivilegeType">
 
<!-- Privilege level attached to a role or behaviour element; referenced by BusinessRole/@privilege and BehaviourAttributes/@privilege. -->
<!-- NOTE(review): the trailing comments read like descriptions of the tog:RoleType values shown elsewhere on this page (SELF, DELEGATE, ADMIN, SUPERVISOR) rather than of USER and ROOT. As written, ROOT is described as a reviewing/approving role, not as the highest technical privilege. Confirm the intended meaning of each value, because access-control decisions modelled on this attribute depend on it. -->
<xs:annotation>
   
<xs:documentation>Roles represent the duties of the Actor w.rT. a given behaviour element</xs:documentation>
 
</xs:annotation>
 
<xs:restriction base="xs:NMTOKEN">
   
<xs:enumeration value="SELF"/>
   
<xs:enumeration value="USER"/>
   
<xs:enumeration value="ADMIN"/>
   
<xs:enumeration value="ROOT"/>
   
<!-- The comments below follow the values above, in the same order. -->
   
<!-- SELF: acting on behalf of the Actor him/herself -->
   
<!-- USER: acting on behalf of another user (NOTE(review): wording matches a delegate role; confirm) -->
   
<!-- ADMIN: able to make technical intervention, configuration changes -->
   
<!-- ROOT: able to review, approve the actions of other users (NOTE(review): wording matches a supervisor role; confirm) -->
 
</xs:restriction>
</xs:simpleType>

simpleType QualitativeScale
namespace https://sabsa.org/custom
type restriction of xs:NMTOKEN
properties
base xs:NMTOKEN
used by
elements Risk/aleRating Impact/impactRating Threat/ThreatRating Vulnerability/vulnerabilityRating
attributes cveAttributes/@attackComplexity TechnologyService/@availability ApplicationService/@availability TechnologyService/@availability cveAttributes/@availabilityImpact cveAttributes/@confidentialityImpact BusinessInterface/@consumerAssurance SecurityEvent/@criticality BusinessService/@criticality Event/@criticality ApplicationComponent/@criticality Serving/@criticality BehaviourAttributes/@criticality TechBehaviourAttributes/@criticality AppBehaviourAttributes/@criticality TechBehaviourAttributes/@criticality cveAttributes/@integrityImpact cveAttributes/@priviegeRequired BusinessInterface/@providerAssurance Value/@rating
facets
Kind Value Annotation
enumeration NA
enumeration UNCLASSIFIED
enumeration VLOW
enumeration LOW
enumeration MODERATE
enumeration HIGH
enumeration VHIGH
annotation
documentation
Used to denote a Qualitative label based on a User-defined scale.
source <xs:simpleType name="QualitativeScale">
 
<xs:annotation>
   
<xs:documentation>Used to denote a Qualitative label based on a User-defined scale.</xs:documentation>
 
</xs:annotation>
 
<xs:restriction base="xs:NMTOKEN">
   
<xs:enumeration value="NA"/>
   
<xs:enumeration value="UNCLASSIFIED"/>
   
<xs:enumeration value="VLOW"/>
   
<xs:enumeration value="LOW"/>
   
<xs:enumeration value="MODERATE"/>
   
<xs:enumeration value="HIGH"/>
   
<xs:enumeration value="VHIGH"/>
   
<!-- Not Applicable - No Classification Possible-->
   
<!-- Unclassified-->
   
<!-- VERY LOW -->
   
<!-- LOW -->
   
<!-- MODERATE -->
   
<!-- HIGH -->
   
<!-- Very HIGH -->
 
</xs:restriction>
</xs:simpleType>

simpleType SegregationType
namespace https://sabsa.org/custom
type restriction of xs:NMTOKEN
properties
base xs:NMTOKEN
used by
attributes BusinessInteraction/@segregationOfDuty TechnologyInteraction/@segregationOfDuty ApplicationInteraction/@segregationOfDuty TechnologyInteraction/@segregationOfDuty
facets
Kind Value Annotation
enumeration NONE
enumeration BY-ACTOR
enumeration BY-ROLE
annotation
documentation
Specifies the basis of any Segregation of Duty
source <xs:simpleType name="SegregationType">
 
<xs:annotation>
   
<xs:documentation>Specifies the basis of any Segregation of Duty</xs:documentation>
 
</xs:annotation>
 
<xs:restriction base="xs:NMTOKEN">
   
<xs:enumeration value="NONE"/>
   
<xs:enumeration value="BY-ACTOR"/>
   
<xs:enumeration value="BY-ROLE"/>
   
<!-- No Segregation of Duty Requirement -->
   
<!-- Segregation by Principal (Can be in same Role) -->
   
<!-- Segregation by Role (Must be different individuals in distinct Roles)  -->
 
</xs:restriction>
</xs:simpleType>

simpleType TamperProtection
namespace https://sabsa.org/custom
type restriction of xs:NMTOKEN
properties
base xs:NMTOKEN
used by
attributes CodeAuthenticity/@checkType DataObject/@integrity
facets
Kind Value Annotation
enumeration NONE
enumeration CHECKSUM
enumeration MD5
enumeration HMAC
enumeration SHA1
enumeration SHA2
enumeration SIGNATURE
annotation
documentation
Identifies methods of tamper detection
source <xs:simpleType name="TamperProtection">
 
<!-- Mechanism used to detect modification; referenced by CodeAuthenticity/@checkType and DataObject/@integrity. -->
<!-- NOTE(review): the values are not equivalent in strength. CHECKSUM, MD5, SHA1 and SHA2 are unkeyed: they detect accidental change, and detect deliberate change only when the reference digest is itself stored or delivered with integrity protection. MD5 and SHA-1 have known practical collision attacks and should be assessed as weak wherever an adversary can influence the content. HMAC is keyed, and SIGNATURE additionally binds the result to a signer. The HMAC and SIGNATURE values do not record the underlying hash algorithm, so that has to be captured elsewhere in the model if it matters to the assessment. -->
<xs:annotation>
   
<xs:documentation>Identifies methods of tamper detection</xs:documentation>
 
</xs:annotation>
 
<xs:restriction base="xs:NMTOKEN">
   
<xs:enumeration value="NONE"/>
   
<xs:enumeration value="CHECKSUM"/>
   
<xs:enumeration value="MD5"/>
   
<xs:enumeration value="HMAC"/>
   
<xs:enumeration value="SHA1"/>
   
<xs:enumeration value="SHA2"/>
   
<xs:enumeration value="SIGNATURE"/>
   
<!-- The comments below describe the values above, in the same order. -->
   
<!-- NONE: no mechanisms deployed -->
   
<!-- CHECKSUM: uses a non-cryptographic checksum -->
   
<!-- MD5: MD5 hash -->
   
<!-- HMAC: hash-based message authentication code (keyed) -->
   
<!-- SHA1: SHA-1 hash -->
   
<!-- SHA2: SHA-2 hash -->
   
<!-- SIGNATURE: digital signature -->
 
</xs:restriction>
</xs:simpleType>

simpleType UserType
namespace https://sabsa.org/custom
type restriction of xs:NMTOKEN
properties
base xs:NMTOKEN
used by
attributes HumanInterfaceTyoe/@userType MachineInterfaceTyoe/@userType
facets
Kind Value Annotation
enumeration HUMAN
enumeration MACHINE
annotation
documentation
Broad classification of human or machine interfaces
source <xs:simpleType name="UserType">
 
<xs:annotation>
   
<xs:documentation>Broad classification of human or machine interfaces</xs:documentation>
 
</xs:annotation>
 
<xs:restriction base="xs:NMTOKEN">
   
<xs:enumeration value="HUMAN"/>
   
<xs:enumeration value="MACHINE"/>
   
<!-- Human-oriented interfaces: GUI, Command-line, Speech-recognition etc.. -->
   
<!-- Machine-oriented APIs: MQ, REST, SOAP etc.. -->
 
</xs:restriction>
</xs:simpleType>

simpleType ValueType
namespace https://sabsa.org/custom
type restriction of xs:NMTOKEN
properties
base xs:NMTOKEN
used by
attributes ValueChain/@valueType Value/@valueType
facets
Kind Value Annotation
enumeration FINANCIAL
enumeration PRODUCTIVITY
enumeration RESPONSE
enumeration REPLACEMENT
enumeration REGULATORY
enumeration COMPETITIVE
enumeration REPUTATION
annotation
documentation
Represents different forms of value or loss - e.g. based on OpenFAIR categories
source <xs:simpleType name="ValueType">
 
<xs:annotation>
   
<xs:documentation>Represents different forms of value or loss - e.g. based on OpenFAIR categories</xs:documentation>
 
</xs:annotation>
 
<xs:restriction base="xs:NMTOKEN">
   
<xs:enumeration value="FINANCIAL"/>
   
<xs:enumeration value="PRODUCTIVITY"/>
   
<xs:enumeration value="RESPONSE"/>
   
<xs:enumeration value="REPLACEMENT"/>
   
<xs:enumeration value="REGULATORY"/>
   
<xs:enumeration value="COMPETITIVE"/>
   
<xs:enumeration value="REPUTATION"/>
   
<!-- Direct financial value -->
   
<!-- Value / losses associated with the organization’s ability to generate its primary value proposition -->
   
<!-- Value of preventing or mitigating losses or cost of responding to Loss Event -->
   
<!-- Replacement value of an Asset; -->
   
<!-- Value or losses associated with maintaining legal or regulatory compliance e.g. actions levied against an organization -->
   
<!-- Value or losses associated with competitive advantage, -->
   
<!-- Value or losses associated with an external stakeholder’s perception that an organization’s value proposition is diminished -->
 
</xs:restriction>
</xs:simpleType>

complexType BusinessActor
diagram SecurityOverlay_p88.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description tog:population tog:populationRange
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
type  tog:ActorType  required      
isDataSubject  xs:boolean    false    
annotation
documentation
Security-related properties of a Business Actor
source <xs:complexType name="BusinessActor">
 
<!-- Extends tog:BaseElement with the size of the actor population and two security-relevant attributes. -->
<xs:annotation>
   
<xs:documentation>Security-related properties of a Business Actor</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:sequence>
       
<!-- Exactly one of the two elements must be present: a single population figure or a min/mode/max range. -->
<xs:choice minOccurs="1" maxOccurs="1">
         
<xs:element name="population" type="xs:float"/>
         
<xs:element name="populationRange" type="custom:IntegerRange"/>
       
</xs:choice>
     
</xs:sequence>
     
<!-- type: required; the attribute table on this page lists HUMAN and ORGANISATIONAL. -->
<xs:attribute name="type" type="tog:ActorType" use="required"/>
     
<!-- isDataSubject: defaults to false, so an actor that omits the attribute validates as "not a data subject". NOTE(review): for privacy analysis treat a defaulted false as unassessed, or set the attribute explicitly on every actor. -->
<xs:attribute name="isDataSubject" type="xs:boolean" default="false"/>
   
</xs:extension>
 
</xs:complexContent>
</xs:complexType>

attribute BusinessActor/@type
type tog:ActorType
properties
use required
facets
Kind Value Annotation
enumeration HUMAN
enumeration ORGANISATIONAL
source <xs:attribute name="type" type="tog:ActorType" use="required"/>

attribute BusinessActor/@isDataSubject
type xs:boolean
properties
default false
source <xs:attribute name="isDataSubject" type="xs:boolean" default="false"/>

element BusinessActor/population
diagram SecurityOverlay_p89.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type xs:float
properties
content simple
source <xs:element name="population" type="xs:float"/>

element BusinessActor/populationRange
diagram SecurityOverlay_p90.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type custom:IntegerRange
properties
content complex
children custom:min custom:mode custom:max
source <xs:element name="populationRange" type="custom:IntegerRange"/>

complexType BusinessCollaboration
diagram SecurityOverlay_p91.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
privilege  tog:RoleType  required      
segregationOfDuty  tog:SODType    NONE    
annotation
documentation
Security-related properties of a Business Collaboration
source <xs:complexType name="BusinessCollaboration">
 
<!-- Extends tog:BaseElement with a required privilege level and an optional segregation-of-duty requirement. -->
<xs:annotation>
   
<xs:documentation>Security-related properties of a Business Collaboration</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:attribute name="privilege" type="tog:RoleType" use="required"/>
     
<xs:attribute name="segregationOfDuty" type="tog:SODType" default="NONE"/>
   
</xs:extension>
   
<!-- The comments below describe the two attributes above, in the same order. -->
   
<!-- privilege: the privilege level of the role -->
   
<!-- segregationOfDuty: segregation of duty requirements within the collaboration. The default is NONE, so an omitted attribute validates as "no requirement". NOTE(review): BusinessInteraction declares its segregationOfDuty attribute as required; confirm whether the default here is intended. -->
 
</xs:complexContent>
</xs:complexType>

attribute BusinessCollaboration/@privilege
type tog:RoleType
properties
use required
facets
Kind Value Annotation
enumeration SELF
enumeration DELEGATE
enumeration ADMIN
enumeration SUPERVISOR
source <xs:attribute name="privilege" type="tog:RoleType" use="required"/>

attribute BusinessCollaboration/@segregationOfDuty
type tog:SODType
properties
default NONE
facets
Kind Value Annotation
enumeration NONE
enumeration BY-ACTOR
enumeration BY-ROLE
source <xs:attribute name="segregationOfDuty" type="tog:SODType" default="NONE"/>

complexType BusinessFunction
diagram SecurityOverlay_p92.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description tog:executionFrequency tog:executionPeriod
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
criticality  custom:QualitativeScale    UNCLASSIFIED    
privilege  custom:PrivilegeType  required      
piiLegalBasis  custom:PIILegalBasis  optional      
annotation
documentation
Security-related properties of a Business Function
source <xs:complexType name="BusinessFunction">
 
<!-- Extends tog:BaseElement with an optional execution-rate element and the shared behaviour attributes. -->
<xs:annotation>
   
<xs:documentation>Security-related properties of a Business Function</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:sequence>
       
<xs:choice minOccurs="0" maxOccurs="1">
         
<!-- The execution frequency and period are used to express how often the function is performed, e.g. 10 - 20 times per week. -->
<!-- NOTE(review): an xs:choice with maxOccurs="1" admits executionFrequency or executionPeriod, not both, so an instance cannot carry a count together with its period as the example suggests. An xs:sequence of the two may have been intended; confirm against instance documents. -->
         
<xs:element name="executionFrequency" type="custom:IntegerRange"/>
         
<xs:element name="executionPeriod" type="xs:duration"/>
       
</xs:choice>
     
</xs:sequence>
     
<!-- Per the attribute table on this page the group contributes criticality (default UNCLASSIFIED), privilege (required) and piiLegalBasis (optional). -->
<xs:attributeGroup ref="tog:BehaviourAttributes"/>
   
</xs:extension>
 
</xs:complexContent>
</xs:complexType>

element BusinessFunction/executionFrequency
diagram SecurityOverlay_p93.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type custom:IntegerRange
properties
content complex
children custom:min custom:mode custom:max
source <xs:element name="executionFrequency" type="custom:IntegerRange"/>

element BusinessFunction/executionPeriod
diagram SecurityOverlay_p94.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type xs:duration
properties
content simple
source <xs:element name="executionPeriod" type="xs:duration"/>

complexType BusinessInteraction
diagram SecurityOverlay_p95.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description tog:executionFrequency tog:executionPeriod
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
criticality  custom:QualitativeScale    UNCLASSIFIED    
privilege  custom:PrivilegeType  required      
piiLegalBasis  custom:PIILegalBasis  optional      
segregationOfDuty  custom:SegregationType  required      
annotation
documentation
Security-related properties of a Business Interaction
source <xs:complexType name="BusinessInteraction">
 
<!-- Extends tog:BaseElement with an optional execution-rate element, the shared behaviour attributes and a required segregation-of-duty setting. -->
<xs:annotation>
   
<xs:documentation>Security-related properties of a Business Interaction</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:sequence>
       
<xs:choice minOccurs="0" maxOccurs="1">
         
<!-- The execution frequency and period are used to express how often the interaction is performed, e.g. 10 - 20 times per week. -->
<!-- NOTE(review): an xs:choice with maxOccurs="1" admits executionFrequency or executionPeriod, not both, so an instance cannot carry a count together with its period as the example suggests. An xs:sequence of the two may have been intended; confirm against instance documents. -->
         
<xs:element name="executionFrequency" type="custom:IntegerRange"/>
         
<xs:element name="executionPeriod" type="xs:duration"/>
       
</xs:choice>
     
</xs:sequence>
     
<!-- Per the attribute table on this page the group contributes criticality (default UNCLASSIFIED), privilege (required) and piiLegalBasis (optional). -->
<xs:attributeGroup ref="tog:BehaviourAttributes"/>
     
<!-- segregationOfDuty is required here, so every interaction must state NONE, BY-ACTOR or BY-ROLE explicitly. -->
<xs:attribute name="segregationOfDuty" type="custom:SegregationType" use="required"/>
   
</xs:extension>
 
</xs:complexContent>
</xs:complexType>

attribute BusinessInteraction/@segregationOfDuty
type custom:SegregationType
properties
use required
facets
Kind Value Annotation
enumeration NONE
enumeration BY-ACTOR
enumeration BY-ROLE
source <xs:attribute name="segregationOfDuty" type="custom:SegregationType" use="required"/>

element BusinessInteraction/executionFrequency
diagram SecurityOverlay_p96.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type custom:IntegerRange
properties
content complex
children custom:min custom:mode custom:max
source <xs:element name="executionFrequency" type="custom:IntegerRange"/>

element BusinessInteraction/executionPeriod
diagram SecurityOverlay_p97.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type xs:duration
properties
content simple
source <xs:element name="executionPeriod" type="xs:duration"/>

complexType BusinessInterface
diagram SecurityOverlay_p98.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description tog:serviceHours
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
type  custom:BusinessInterfaceType  optional      
capacity  xs:nonNegativeInteger  optional      
consumerAssurance  custom:QualitativeScale  required      
providerAssurance  custom:QualitativeScale  required      
annotation
documentation
Security-related properties of a Business Interface
source <xs:complexType name="BusinessInterface">
 
<!-- Extends tog:BaseElement with service windows, an interface type, a capacity figure and two required mutual-authentication assurance ratings. -->
<xs:annotation>
   
<xs:documentation>Security-related properties of a Business Interface</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:sequence>
       
<!-- The service windows during which the service is available via this interface; zero or more may be given. -->
       
<xs:element name="serviceHours" type="tog:ServiceHours" minOccurs="0" maxOccurs="unbounded"/>
     
</xs:sequence>
     
<xs:attribute name="type" type="custom:BusinessInterfaceType" use="optional"/>
     
<xs:attribute name="capacity" type="xs:nonNegativeInteger" use="optional"/>
     
<xs:attribute name="consumerAssurance" type="custom:QualitativeScale" use="required"/>
     
<xs:attribute name="providerAssurance" type="custom:QualitativeScale" use="required"/>
   
</xs:extension>
   
<!-- The comments below describe the four attributes above, in the same order. -->
   
<!-- type: enumerates the interface type -->
   
<!-- capacity: evaluation of the capacity / throughput that the interface can handle -->
   
<!-- consumerAssurance: evaluation of the consumer's assurance of the provider's authentication -->
    <!-- providerAssurance: evaluation of the provider's assurance of the consumer's authentication -->
<!-- NOTE(review): both assurance attributes are required but custom:QualitativeScale includes NA and UNCLASSIFIED, so a required value does not guarantee that the authentication strength was actually assessed. -->
 
</xs:complexContent>
</xs:complexType>

attribute BusinessInterface/@type
type custom:BusinessInterfaceType
properties
use optional
facets
Kind Value Annotation
enumeration TELEPHONE
enumeration MAIL
enumeration APPOINTMENT
enumeration INTERNET-WEB
enumeration INTERNET-EMAIL
source <xs:attribute name="type" type="custom:BusinessInterfaceType" use="optional"/>

attribute BusinessInterface/@capacity
type xs:nonNegativeInteger
properties
use optional
source <xs:attribute name="capacity" type="xs:nonNegativeInteger" use="optional"/>

attribute BusinessInterface/@consumerAssurance
type custom:QualitativeScale
properties
use required
facets
Kind Value Annotation
enumeration NA
enumeration UNCLASSIFIED
enumeration VLOW
enumeration LOW
enumeration MODERATE
enumeration HIGH
enumeration VHIGH
source <xs:attribute name="consumerAssurance" type="custom:QualitativeScale" use="required"/>

attribute BusinessInterface/@providerAssurance
type custom:QualitativeScale
properties
use required
facets
Kind Value Annotation
enumeration NA
enumeration UNCLASSIFIED
enumeration VLOW
enumeration LOW
enumeration MODERATE
enumeration HIGH
enumeration VHIGH
source <xs:attribute name="providerAssurance" type="custom:QualitativeScale" use="required"/>

element BusinessInterface/serviceHours
diagram SecurityOverlay_p99.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type tog:ServiceHours
properties
minOcc 0
maxOcc unbounded
content complex
children tog:name tog:description
attributes
Name  Type  Use  Default  Fixed  Annotation
dayOfWeek  custom:DaysOfWeek  required      
serviceOpens  xs:time  required      
serviceCloses  xs:time  required      
source <xs:element name="serviceHours" type="tog:ServiceHours" minOccurs="0" maxOccurs="unbounded"/>

complexType BusinessObject
diagram SecurityOverlay_p100.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description tog:pii
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
confidentiality  custom:confidentialityClassification  required      
integrity  custom:ControlBaseline  required      
authenticity  custom:ControlBaseline  required      
retentionPeriod  xs:duration  required      
annotation
documentation
Security-related properties of Business Information
source <xs:complexType name="BusinessObject">
 
<!-- Extends tog:BaseElement with a mandatory PII descriptor and four required protection attributes. -->
<xs:annotation>
   
<xs:documentation>Security-related properties of Business Information</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:sequence>
       
<!-- Exactly one pii element is required. Its attribute table on this page shows classification defaulting to NONE and couldBeMinor defaulting to false, so an empty pii element validates as "no PII". NOTE(review): treat defaulted values as unassessed. -->
<xs:element name="pii" type="custom:PII" minOccurs="1" maxOccurs="1"/>
     
</xs:sequence>
     
<!-- confidentiality: required classification label (PUBLIC to TOPSECRET per the attribute table). -->
<xs:attribute name="confidentiality" type="custom:confidentialityClassification" use="required"/>
     
<!-- integrity and authenticity: required control baseline (STANDARD, ENHANCED or ASSURED). These state a required level; the mechanism actually used is recorded elsewhere, e.g. DataObject/@integrity uses custom:TamperProtection. -->
<xs:attribute name="integrity" type="custom:ControlBaseline" use="required"/>
     
<xs:attribute name="authenticity" type="custom:ControlBaseline" use="required"/>
     
<!-- retentionPeriod: required xs:duration. NOTE(review): the schema does not say whether this is a minimum or a maximum retention time; confirm before using it for deletion policy. -->
<xs:attribute name="retentionPeriod" type="xs:duration" use="required"/>
   
</xs:extension>
 
</xs:complexContent>
</xs:complexType>

attribute BusinessObject/@confidentiality
type custom:confidentialityClassification
properties
use required
facets
Kind Value Annotation
enumeration PUBLIC
enumeration RESTRICTED
enumeration CONFIDENTIAL
enumeration SECRET
enumeration TOPSECRET
source <xs:attribute name="confidentiality" type="custom:confidentialityClassification" use="required"/>

attribute BusinessObject/@integrity
type custom:ControlBaseline
properties
use required
facets
Kind Value Annotation
enumeration STANDARD
enumeration ENHANCED
enumeration ASSURED
source <xs:attribute name="integrity" type="custom:ControlBaseline" use="required"/>

attribute BusinessObject/@authenticity
type custom:ControlBaseline
properties
use required
facets
Kind Value Annotation
enumeration STANDARD
enumeration ENHANCED
enumeration ASSURED
source <xs:attribute name="authenticity" type="custom:ControlBaseline" use="required"/>

attribute BusinessObject/@retentionPeriod
type xs:duration
properties
use required
source <xs:attribute name="retentionPeriod" type="xs:duration" use="required"/>

element BusinessObject/pii
diagram SecurityOverlay_p101.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type custom:PII
properties
content complex
attributes
Name  Type  Use  Default  Fixed  Annotation
classification  custom:piiClassification    NONE    
couldBeMinor  xs:boolean    false    
reviewPeriod  xs:duration  optional      
source <xs:element name="pii" type="custom:PII" minOccurs="1" maxOccurs="1"/>

complexType BusinessProcess
diagram SecurityOverlay_p102.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description tog:executionFrequency tog:executionPeriod
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
criticality  custom:QualitativeScale    UNCLASSIFIED    
privilege  custom:PrivilegeType  required      
piiLegalBasis  custom:PIILegalBasis  optional      
annotation
documentation
Security-related properties of a Business Process
source <xs:complexType name="BusinessProcess">
 
<xs:annotation>
   
<xs:documentation>Security-related properties of a Business Process</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:sequence>
       
<xs:choice minOccurs="0" maxOccurs="1">
         
<!-- the execution frequency & period are used to express how often the process is performed e.g. 10 - 20 times per week-->
         
<xs:element name="executionFrequency" type="custom:IntegerRange"/>
         
<xs:element name="executionPeriod" type="xs:duration"/>
       
</xs:choice>
     
</xs:sequence>
     
<xs:attributeGroup ref="tog:BehaviourAttributes"/>
   
</xs:extension>
 
</xs:complexContent>
</xs:complexType>

element BusinessProcess/executionFrequency
diagram SecurityOverlay_p103.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type custom:IntegerRange
properties
content complex
children custom:min custom:mode custom:max
source <xs:element name="executionFrequency" type="custom:IntegerRange"/>

element BusinessProcess/executionPeriod
diagram SecurityOverlay_p104.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type xs:duration
properties
content simple
source <xs:element name="executionPeriod" type="xs:duration"/>

complexType BusinessRole
diagram SecurityOverlay_p105.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
privilege  custom:PrivilegeType  required      
toxicPairs  xs:IDREFS  optional      
annotation
documentation
Security-related properties of a Business Role
source <xs:complexType name="BusinessRole">
 
<xs:annotation>
   
<xs:documentation>Security-related properties of a Business Role</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:attribute name="privilege" type="custom:PrivilegeType" use="required"/>
     
<xs:attribute name="toxicPairs" type="xs:IDREFS" use="optional"/>
   
</xs:extension>
   
<!-- The privilege level of the role -->
   
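<!-- Lists any other roles that are incompatible with this Role. Note: xs:IDREFS only guarantees that each listed ID exists somewhere in the document, not that it identifies a BusinessRole, so the target type must be checked outside the schema -->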
 
</xs:complexContent>
</xs:complexType>

attribute BusinessRole/@privilege
type custom:PrivilegeType
properties
use required
facets
Kind Value Annotation
enumeration SELF
enumeration USER
enumeration ADMIN
enumeration ROOT
source <xs:attribute name="privilege" type="custom:PrivilegeType" use="required"/>

attribute BusinessRole/@toxicPairs
type xs:IDREFS
properties
use optional
source <xs:attribute name="toxicPairs" type="xs:IDREFS" use="optional"/>

complexType BusinessService
diagram SecurityOverlay_p106.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description tog:serviceHours
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
criticality  custom:QualitativeScale    UNCLASSIFIED    
capacity  xs:nonNegativeInteger  optional      
annotation
documentation
Defines a Business Service from the perspective of the Service Provider
source <xs:complexType name="BusinessService">
 
<xs:annotation>
   
<xs:documentation>Defines a Business Service from the perspective of the Service Provider</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:sequence>
       
<!-- The service windows during which the service is available-->
       
<xs:element name="serviceHours" type="tog:ServiceHours" minOccurs="0" maxOccurs="unbounded"/>
     
</xs:sequence>
     
<xs:attribute name="criticality" type="custom:QualitativeScale" default="UNCLASSIFIED"/>
     
<xs:attribute name="capacity" type="xs:nonNegativeInteger" use="optional"/>
   
</xs:extension>
   
<!-- Enumerates the criticality of  a Business Service from the Provider perspective - as highest common denominator of implementing processes-->
   
<!-- Evaluation of the capacity / throughput that the service can handle -->
 
</xs:complexContent>
</xs:complexType>

attribute BusinessService/@criticality
type custom:QualitativeScale
properties
default UNCLASSIFIED
facets
Kind Value Annotation
enumeration NA
enumeration UNCLASSIFIED
enumeration VLOW
enumeration LOW
enumeration MODERATE
enumeration HIGH
enumeration VHIGH
source <xs:attribute name="criticality" type="custom:QualitativeScale" default="UNCLASSIFIED"/>

attribute BusinessService/@capacity
type xs:nonNegativeInteger
properties
use optional
source <xs:attribute name="capacity" type="xs:nonNegativeInteger" use="optional"/>

element BusinessService/serviceHours
diagram SecurityOverlay_p107.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type tog:ServiceHours
properties
minOcc 0
maxOcc unbounded
content complex
children tog:name tog:description
attributes
Name  Type  Use  Default  Fixed  Annotation
dayOfWeek  custom:DaysOfWeek  required      
serviceOpens  xs:time  required      
serviceCloses  xs:time  required      
source <xs:element name="serviceHours" type="tog:ServiceHours" minOccurs="0" maxOccurs="unbounded"/>

complexType Event
diagram SecurityOverlay_p108.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
security  xs:boolean    false    
criticality  custom:QualitativeScale  required      
annotation
documentation
Security related properties for all Event types
source <xs:complexType name="Event">
 
<xs:annotation>
   
<xs:documentation>Security related properties for all Event types</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:attribute name="security" type="xs:boolean" default="false"/>
     
<xs:attribute name="criticality" type="custom:QualitativeScale" use="required"/>
   
</xs:extension>
   
<!-- Marks an Event as a Security-relevant event-->
   
<!-- Qualitative level of event criticality-->
 
</xs:complexContent>
</xs:complexType>

attribute Event/@security
type xs:boolean
properties
default false
source <xs:attribute name="security" type="xs:boolean" default="false"/>

attribute Event/@criticality
type custom:QualitativeScale
properties
use required
facets
Kind Value Annotation
enumeration NA
enumeration UNCLASSIFIED
enumeration VLOW
enumeration LOW
enumeration MODERATE
enumeration HIGH
enumeration VHIGH
source <xs:attribute name="criticality" type="custom:QualitativeScale" use="required"/>

complexType ServiceHours
diagram SecurityOverlay_p109.png
namespace http://www.opengroup.org/xsd/archimate/3.1
children tog:name tog:description
used by
elements BusinessInterface/serviceHours BusinessService/serviceHours
attributes
Name  Type  Use  Default  Fixed  Annotation
dayOfWeek  custom:DaysOfWeek  required      
serviceOpens  xs:time  required      
serviceCloses  xs:time  required      
annotation
documentation
Describes the periods during which the service is planned to be available
source <xs:complexType name="ServiceHours">
 
<xs:annotation>
   
<xs:documentation>Describes the periods during which the service is planned to be available</xs:documentation>
 
</xs:annotation>
 
<xs:sequence>
   
<xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1"/>
   
<xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>
 
</xs:sequence>
 
<xs:attribute name="dayOfWeek" type="custom:DaysOfWeek" use="required"/>
 
<xs:attribute name="serviceOpens" type="xs:time" use="required"/>
 
<xs:attribute name="serviceCloses" type="xs:time" use="required"/>
</xs:complexType>

attribute ServiceHours/@dayOfWeek
type custom:DaysOfWeek
properties
use required
facets
Kind Value Annotation
enumeration SUN
enumeration MON
enumeration TUE
enumeration WED
enumeration THU
enumeration FRI
enumeration SAT
source <xs:attribute name="dayOfWeek" type="custom:DaysOfWeek" use="required"/>

attribute ServiceHours/@serviceOpens
type xs:time
properties
use required
source <xs:attribute name="serviceOpens" type="xs:time" use="required"/>

attribute ServiceHours/@serviceCloses
type xs:time
properties
use required
source <xs:attribute name="serviceCloses" type="xs:time" use="required"/>

element ServiceHours/name
diagram SecurityOverlay_p110.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type xs:string
properties
content simple
source <xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1"/>

element ServiceHours/description
diagram SecurityOverlay_p111.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type xs:string
properties
minOcc 0
maxOcc 1
content simple
source <xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>

simpleType ActorType
namespace http://www.opengroup.org/xsd/archimate/3.1
type restriction of xs:NMTOKEN
properties
base xs:NMTOKEN
used by
attributes BusinessActor/@type DataSubject/@type
facets
Kind Value Annotation
enumeration HUMAN
enumeration ORGANISATIONAL
annotation
documentation
BusinessActors are either human or organisational entities such as a department
source <xs:simpleType name="ActorType">
 
<xs:annotation>
   
<xs:documentation>BusinessActors are either human or organisational entities such as a department</xs:documentation>
 
</xs:annotation>
 
<xs:restriction base="xs:NMTOKEN">
   
<xs:enumeration value="HUMAN"/>
   
<xs:enumeration value="ORGANISATIONAL"/>
   
<!-- A Human Actor -->
   
<!-- An Organisation, Division, Department, Team -->
 
</xs:restriction>
</xs:simpleType>

simpleType RoleType
namespace http://www.opengroup.org/xsd/archimate/3.1
type restriction of xs:NMTOKEN
properties
base xs:NMTOKEN
used by
attribute BusinessCollaboration/@privilege
facets
Kind Value Annotation
enumeration SELF
enumeration DELEGATE
enumeration ADMIN
enumeration SUPERVISOR
annotation
documentation
Roles represent the duties of the Actor w.r.t. a given behaviour element
source <xs:simpleType name="RoleType">
 
<xs:annotation>
   
<xs:documentation>Roles represent the duties of the Actor w.r.t. a given behaviour element</xs:documentation>
 
</xs:annotation>
 
<xs:restriction base="xs:NMTOKEN">
   
<xs:enumeration value="SELF"/>
   
<xs:enumeration value="DELEGATE"/>
   
<xs:enumeration value="ADMIN"/>
   
<xs:enumeration value="SUPERVISOR"/>
   
<!-- Acting on behalf of the Actor him/herself -->
   
<!-- Acting on behalf of another user-->
   
<!-- Able to make technical intervention, configuration changes -->
   
<!-- Able to review, approve the actions of other users-->
 
</xs:restriction>
</xs:simpleType>

simpleType SODType
namespace http://www.opengroup.org/xsd/archimate/3.1
type restriction of xs:NMTOKEN
properties
base xs:NMTOKEN
used by
attribute BusinessCollaboration/@segregationOfDuty
facets
Kind Value Annotation
enumeration NONE
enumeration BY-ACTOR
enumeration BY-ROLE
annotation
documentation
Specifies the basis of any Segregation of Duty
source <xs:simpleType name="SODType">
 
<xs:annotation>
   
<xs:documentation>Specifies the basis of any Segregation of Duty</xs:documentation>
 
</xs:annotation>
 
<xs:restriction base="xs:NMTOKEN">
   
<xs:enumeration value="NONE"/>
   
<xs:enumeration value="BY-ACTOR"/>
   
<xs:enumeration value="BY-ROLE"/>
   
<!-- No Segregation of Duty Requirement -->
   
<!-- Segregation by Principal (Can be in same Role) -->
   
<!-- Segregation by Role (Must be different individuals in distinct Roles)  -->
 
</xs:restriction>
</xs:simpleType>

attributeGroup BehaviourAttributes
namespace http://www.opengroup.org/xsd/archimate/3.1
used by
complexTypes BusinessFunction BusinessInteraction BusinessProcess
attributes
Name  Type  Use  Default  Fixed  Annotation
criticality  custom:QualitativeScale    UNCLASSIFIED    
privilege  custom:PrivilegeType  required      
piiLegalBasis  custom:PIILegalBasis  optional      
source <xs:attributeGroup name="BehaviourAttributes">
 
<!-- Enumerates the criticality of a Business behaviour-->
 
<xs:attribute name="criticality" type="custom:QualitativeScale" default="UNCLASSIFIED"/>
 
<!-- Enumerates the privilege level with which the behaviour is performed-->
 
<xs:attribute name="privilege" type="custom:PrivilegeType" use="required"/>
 
<!-- Enumerates the legal basis for any processing of Personally Identifiable Information e.g. GDPR -->
 
<xs:attribute name="piiLegalBasis" type="custom:PIILegalBasis" use="optional"/>
</xs:attributeGroup>

attribute BehaviourAttributes/@criticality
type custom:QualitativeScale
properties
default UNCLASSIFIED
facets
Kind Value Annotation
enumeration NA
enumeration UNCLASSIFIED
enumeration VLOW
enumeration LOW
enumeration MODERATE
enumeration HIGH
enumeration VHIGH
source <xs:attribute name="criticality" type="custom:QualitativeScale" default="UNCLASSIFIED"/>

attribute BehaviourAttributes/@privilege
type custom:PrivilegeType
properties
use required
facets
Kind Value Annotation
enumeration SELF
enumeration USER
enumeration ADMIN
enumeration ROOT
source <xs:attribute name="privilege" type="custom:PrivilegeType" use="required"/>

attribute BehaviourAttributes/@piiLegalBasis
type custom:PIILegalBasis
properties
use optional
facets
Kind Value Annotation
enumeration COMPLIANCE
enumeration CONSENT
enumeration CONTROLLER_INTEREST
enumeration NECESSITY
enumeration PUBLIC_INTEREST
enumeration SUBJECT_INTEREST
source <xs:attribute name="piiLegalBasis" type="custom:PIILegalBasis" use="optional"/>

complexType Constraint
diagram SecurityOverlay_p112.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type extension of tog:Requirement
properties
base tog:Requirement
children tog:name tog:description tog:profile
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
namespace  xs:string  optional      
refCode  xs:NMTOKEN  optional      
status  custom:ControlStatus    MANDATORY    
applicability  custom:ControlApplicability  optional      
baseline  custom:ControlBaseline  optional      
annotation
documentation
Constraint has the same security-relevant properties as a Requirement
source <xs:complexType name="Constraint">
 
<xs:annotation>
   
<xs:documentation>Constraint has the same security-relevant properties as a Requirement</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:Requirement"/>
 
</xs:complexContent>
</xs:complexType>

complexType Requirement
diagram SecurityOverlay_p113.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description tog:profile
used by
complexType Constraint
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
namespace  xs:string  optional      
refCode  xs:NMTOKEN  optional      
status  custom:ControlStatus    MANDATORY    
applicability  custom:ControlApplicability  optional      
baseline  custom:ControlBaseline  optional      
annotation
documentation
Used to define security-relevant properties of a Requirement
source <xs:complexType name="Requirement">
 
<xs:annotation>
   
<xs:documentation>Used to define security-relevant properties of a Requirement</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:sequence>
       
<xs:element name="profile" type="custom:ProtectionProfile" minOccurs="0" maxOccurs="1"/>
     
</xs:sequence>
     
<xs:attribute name="namespace" type="xs:string" use="optional"/>
     
<xs:attribute name="refCode" type="xs:NMTOKEN" use="optional"/>
     
<xs:attribute name="status" type="custom:ControlStatus" default="MANDATORY"/>
     
<xs:attribute name="applicability" type="custom:ControlApplicability" use="optional"/>
     
<xs:attribute name="baseline" type="custom:ControlBaseline" use="optional"/>
   
</xs:extension>
   
<!--a namespace indicating the source of the requirement -->
   
<!--a reference code that uniquely identifies the requirement within the namespace-->
   
<!--the current status of the requirement in the control lifecycle-->
   
<!--indicates the scope of applicability of the requirement -->
   
<!--indicates the level of the requirement in baselining scheme e.g. a maturity model -->
 
</xs:complexContent>
</xs:complexType>

attribute Requirement/@namespace
type xs:string
properties
use optional
source <xs:attribute name="namespace" type="xs:string" use="optional"/>

attribute Requirement/@refCode
type xs:NMTOKEN
properties
use optional
source <xs:attribute name="refCode" type="xs:NMTOKEN" use="optional"/>

attribute Requirement/@status
type custom:ControlStatus
properties
default MANDATORY
facets
Kind Value Annotation
enumeration MANDATORY
enumeration ADVISORY
enumeration WITHDRAWN
enumeration PENDING
source <xs:attribute name="status" type="custom:ControlStatus" default="MANDATORY"/>

attribute Requirement/@applicability
type custom:ControlApplicability
properties
use optional
facets
Kind Value Annotation
enumeration GLOBAL
enumeration ORGANISATION
enumeration SYSTEM
enumeration COMPONENT
source <xs:attribute name="applicability" type="custom:ControlApplicability" use="optional"/>

attribute Requirement/@baseline
type custom:ControlBaseline
properties
use optional
facets
Kind Value Annotation
enumeration STANDARD
enumeration ENHANCED
enumeration ASSURED
source <xs:attribute name="baseline" type="custom:ControlBaseline" use="optional"/>

element Requirement/profile
diagram SecurityOverlay_p114.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type custom:ProtectionProfile
properties
minOcc 0
maxOcc 1
content complex
children custom:name custom:description
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
namespace  xs:QName      SABSA  
identify  custom:ControlStrength  required      
deter  custom:ControlStrength  required      
protect  custom:ControlStrength  required      
detect  custom:ControlStrength  required      
respond  custom:ControlStrength  required      
recover  custom:ControlStrength  required      
source <xs:element name="profile" type="custom:ProtectionProfile" minOccurs="0" maxOccurs="1"/>

complexType Value
diagram SecurityOverlay_p115.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description tog:valuation tog:valueDistribution
used by
complexType Loss
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
valueType  custom:ValueType  required      
currencyUnits  xs:NMTOKEN  optional      
currencyCode  xs:NMTOKEN  optional      
rating  custom:QualitativeScale  optional      
annotation
documentation
Used to define the value of an Asset in financial or other measures
source <xs:complexType name="Value">
 
<xs:annotation>
   
<xs:documentation>Used to define the value of an Asset in financial or other measures</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:sequence>
       
<xs:choice minOccurs="0" maxOccurs="1">
         
<xs:element name="valuation" type="xs:float"/>
         
<xs:element name="valueDistribution" type="custom:ProbabilityDist"/>
       
</xs:choice>
     
</xs:sequence>
     
<xs:attribute name="valueType" type="custom:ValueType" use="required"/>
     
<xs:attribute name="currencyUnits" type="xs:NMTOKEN" use="optional"/>
     
<xs:attribute name="currencyCode" type="xs:NMTOKEN" use="optional"/>
     
<xs:attribute name="rating" type="custom:QualitativeScale" use="optional"/>
   
</xs:extension>
   
<!-- Currency units e.g 1, 1000, 1000000 to be applied to the ALE distribution-->
   
<!-- Currency code as defined in ISO 4217-->
 
</xs:complexContent>
</xs:complexType>

attribute Value/@valueType
type custom:ValueType
properties
use required
facets
Kind Value Annotation
enumeration FINANCIAL
enumeration PRODUCTIVITY
enumeration RESPONSE
enumeration REPLACEMENT
enumeration REGULATORY
enumeration COMPETITIVE
enumeration REPUTATION
source <xs:attribute name="valueType" type="custom:ValueType" use="required"/>

attribute Value/@currencyUnits
type xs:NMTOKEN
properties
use optional
source <xs:attribute name="currencyUnits" type="xs:NMTOKEN" use="optional"/>

attribute Value/@currencyCode
type xs:NMTOKEN
properties
use optional
source <xs:attribute name="currencyCode" type="xs:NMTOKEN" use="optional"/>

attribute Value/@rating
type custom:QualitativeScale
properties
use optional
facets
Kind Value Annotation
enumeration NA
enumeration UNCLASSIFIED
enumeration VLOW
enumeration LOW
enumeration MODERATE
enumeration HIGH
enumeration VHIGH
source <xs:attribute name="rating" type="custom:QualitativeScale" use="optional"/>

element Value/valuation
diagram SecurityOverlay_p116.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type xs:float
properties
content simple
source <xs:element name="valuation" type="xs:float"/>

element Value/valueDistribution
diagram SecurityOverlay_p117.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type custom:ProbabilityDist
properties
content complex
children custom:low custom:mode custom:high
source <xs:element name="valueDistribution" type="custom:ProbabilityDist"/>

complexType Node
diagram SecurityOverlay_p118.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
annotation
documentation
Security properties of an Application Component
source <xs:complexType name="Node">
 
<xs:annotation>
   
<xs:documentation>Security properties of an Application Component</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement"/>
 
</xs:complexContent>
</xs:complexType>

complexType SystemSoftware
diagram SecurityOverlay_p119.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description tog:authenticityCheck
used by
complexType Executable
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
provider  xs:string  required      
providerURI  xs:anyURI  optional      
acquisitionModel  custom:AcquisitionType    COTS    
thisVersion  xs:string  required      
latestVersion  xs:string  required      
patchStatus  custom:PatchStatusType    UNKNOWN    
lastPatched  xs:date  optional      
annotation
documentation
Security properties of System Software
source <xs:complexType name="SystemSoftware">
 
<xs:annotation>
   
<xs:documentation>Security properties of System Software</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:sequence>
       
<xs:element name="authenticityCheck" type="custom:CodeAuthenticity" minOccurs="0" maxOccurs="unbounded"/>
     
</xs:sequence>
     
<xs:attribute name="provider" type="xs:string" use="required"/>
     
<xs:attribute name="providerURI" type="xs:anyURI" use="optional"/>
     
<xs:attribute name="acquisitionModel" type="custom:AcquisitionType" default="COTS"/>
     
<xs:attribute name="thisVersion" type="xs:string" use="required"/>
     
<xs:attribute name="latestVersion" type="xs:string" use="required"/>
     
<xs:attribute name="patchStatus" type="custom:PatchStatusType" default="UNKNOWN"/>
     
<xs:attribute name="lastPatched" type="xs:date" use="optional"/>
   
</xs:extension>
   
<!-- Application Source / Provider -->
   
<!-- Application Provider / Supplier URL-->
   
<!-- The software acquisition model -->
   
<!-- Installed version -->
   
<!-- Latest available version -->
   
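<!-- Patch Status - property derived from latest available & installed release versions. Both versions are free-form xs:string values, so the schema cannot check that patchStatus agrees with them; the derivation has to be done and verified by tooling -->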
   
<!-- The date when the current patch was applied - actually a property of the Assignment relationship !!! -->
 
</xs:complexContent>
</xs:complexType>

attribute SystemSoftware/@provider
type xs:string
properties
use required
source <xs:attribute name="provider" type="xs:string" use="required"/>

attribute SystemSoftware/@providerURI
type xs:anyURI
properties
use optional
source <xs:attribute name="providerURI" type="xs:anyURI" use="optional"/>

attribute SystemSoftware/@acquisitionModel
type custom:AcquisitionType
properties
default COTS
facets
Kind Value Annotation
enumeration UNCLASSIFIED
enumeration OWN_CUSTOM
enumeration VENDOR_CUSTOM
enumeration OPENSOURCE
enumeration COTS
enumeration GOTS
source <xs:attribute name="acquisitionModel" type="custom:AcquisitionType" default="COTS"/>

attribute SystemSoftware/@thisVersion
type xs:string
properties
use required
source <xs:attribute name="thisVersion" type="xs:string" use="required"/>

attribute SystemSoftware/@latestVersion
type xs:string
properties
use required
source <xs:attribute name="latestVersion" type="xs:string" use="required"/>

attribute SystemSoftware/@patchStatus
type custom:PatchStatusType
properties
default UNKNOWN
facets
Kind Value Annotation
enumeration UNKNOWN
enumeration DOWNLEVEL
enumeration CURRENT
source <xs:attribute name="patchStatus" type="custom:PatchStatusType" default="UNKNOWN"/>

attribute SystemSoftware/@lastPatched
type xs:date
properties
use optional
source <xs:attribute name="lastPatched" type="xs:date" use="optional"/>

element SystemSoftware/authenticityCheck
diagram SecurityOverlay_p120.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type custom:CodeAuthenticity
properties
minOcc 0
maxOcc unbounded
content complex
attributes
Name  Type  Use  Default  Fixed  Annotation
fileName  xs:Name  required      
checkType  custom:TamperProtection  required      
source <xs:element name="authenticityCheck" type="custom:CodeAuthenticity" minOccurs="0" maxOccurs="unbounded"/>

complexType TechnologyFunction
diagram SecurityOverlay_p121.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description tog:executionFrequency tog:executionPeriod
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
criticality  custom:QualitativeScale    UNCLASSIFIED    
privilege  custom:ApplicationRoleType  required      
piiLegalBasis  custom:PIILegalBasis  optional      
isTransactional  xs:boolean    false    
isLogged  xs:boolean    false    
source <xs:complexType name="TechnologyFunction">
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:sequence>
       
<xs:choice minOccurs="0" maxOccurs="1">
         
<!-- the execution frequency & period are used to express how often the process is performed e.g. 10 - 20 times per week-->
         
<xs:element name="executionFrequency" type="custom:IntegerRange"/>
         
<xs:element name="executionPeriod" type="xs:duration"/>
       
</xs:choice>
     
</xs:sequence>
     
<xs:attributeGroup ref="tog:TechBehaviourAttributes"/>
   
</xs:extension>
 
</xs:complexContent>
</xs:complexType>

element TechnologyFunction/executionFrequency
diagram SecurityOverlay_p122.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type custom:IntegerRange
properties
content complex
children custom:min custom:mode custom:max
source <xs:element name="executionFrequency" type="custom:IntegerRange"/>

element TechnologyFunction/executionPeriod
diagram SecurityOverlay_p123.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type xs:duration
properties
content simple
source <xs:element name="executionPeriod" type="xs:duration"/>

complexType TechnologyInteraction
diagram SecurityOverlay_p124.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description tog:executionFrequency tog:executionPeriod
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
criticality  custom:QualitativeScale    UNCLASSIFIED    
privilege  custom:ApplicationRoleType  required      
piiLegalBasis  custom:PIILegalBasis  optional      
isTransactional  xs:boolean    false    
isLogged  xs:boolean    false    
segregationOfDuty  custom:SegregationType  required      
source <xs:complexType name="TechnologyInteraction">
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:sequence>
       
<xs:choice minOccurs="0" maxOccurs="1">
         
<!-- the execution frequency & period are used to express how often the process is performed e.g. 10 - 20 times per week-->
         
<xs:element name="executionFrequency" type="custom:IntegerRange"/>
         
<xs:element name="executionPeriod" type="xs:duration"/>
       
</xs:choice>
     
</xs:sequence>
     
<xs:attributeGroup ref="tog:TechBehaviourAttributes"/>
     
<xs:attribute name="segregationOfDuty" type="custom:SegregationType" use="required"/>
   
</xs:extension>
 
</xs:complexContent>
</xs:complexType>

attribute TechnologyInteraction/@segregationOfDuty
type custom:SegregationType
properties
use required
facets
Kind Value Annotation
enumeration NONE
enumeration BY-ACTOR
enumeration BY-ROLE
source <xs:attribute name="segregationOfDuty" type="custom:SegregationType" use="required"/>

element TechnologyInteraction/executionFrequency
diagram SecurityOverlay_p125.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type custom:IntegerRange
properties
content complex
children custom:min custom:mode custom:max
source <xs:element name="executionFrequency" type="custom:IntegerRange"/>

element TechnologyInteraction/executionPeriod
diagram SecurityOverlay_p126.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type xs:duration
properties
content simple
source <xs:element name="executionPeriod" type="xs:duration"/>

complexType TechnologyInterface
diagram SecurityOverlay_p127.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description tog:humanInterface tog:machineInterface
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
interfaceExposure  custom:InterfaceExposure    REMOTE    
authenticator  custom:CredentialType  required      
authenticationStrength  custom:ControlBaseline  required      
authenticatorTrust  custom:ControlBaseline  optional      
annotation
documentation
Security properties of a Technology Layer Interface
source <xs:complexType name="TechnologyInterface">
 
<xs:annotation>
   
<xs:documentation>Security properties of a Technology Layer Interface</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:sequence>
       
<xs:choice minOccurs="1" maxOccurs="1">
         
<!-- Exactly one of humanInterface or machineInterface must be present (minOccurs="1", maxOccurs="1"). -->
         
<xs:element name="humanInterface" type="custom:HumanInterfaceTyoe"/>
         
<xs:element name="machineInterface" type="custom:MachineInterfaceTyoe"/>
       
</xs:choice>
     
</xs:sequence>
     
<xs:attribute name="interfaceExposure" type="custom:InterfaceExposure" default="REMOTE"/>
     
<xs:attribute name="authenticator" type="custom:CredentialType" use="required"/>
     
<xs:attribute name="authenticationStrength" type="custom:ControlBaseline" use="required"/>
     
<xs:attribute name="authenticatorTrust" type="custom:ControlBaseline" use="optional"/>
   
</xs:extension>
   
<!-- interfaceExposure: whether the interface is primarily local or remote. When omitted it defaults to REMOTE, i.e. the more exposed of the two values. -->
   
<!-- authenticator: the authentication mechanism supported by this interface. Required; the attribute carries one CredentialType value (presumably a single token, so a multi-factor interface cannot list several mechanisms; confirm against custom:CredentialType). -->
   
<!-- authenticationStrength: the interface's authentication strength requirement. Required, no default. -->
    <!-- authenticatorTrust: the interface's authenticator trust requirement (a function of the rigour of the user registration process). Optional, no default. -->
    <!-- NOTE(review): the TechnologyService comments in this schema describe authenticatorTrust as assurance in the way the credential is presented and place registration rigour under identityProof; confirm which definition applies here. -->
 
</xs:complexContent>
</xs:complexType>

attribute TechnologyInterface/@interfaceExposure
type custom:InterfaceExposure
properties
default REMOTE
facets
Kind Value Annotation
enumeration LOCAL
enumeration REMOTE
source <xs:attribute name="interfaceExposure" type="custom:InterfaceExposure" default="REMOTE"/>

attribute TechnologyInterface/@authenticator
type custom:CredentialType
properties
use required
facets
Kind Value Annotation
enumeration PIN
enumeration PASSWORD
enumeration SOFTTOKEN
enumeration INTERNET-APP
enumeration BIOMETRIC
enumeration HARDTOKEN
source <xs:attribute name="authenticator" type="custom:CredentialType" use="required"/>

attribute TechnologyInterface/@authenticationStrength
type custom:ControlBaseline
properties
use required
facets
Kind Value Annotation
enumeration STANDARD
enumeration ENHANCED
enumeration ASSURED
source <xs:attribute name="authenticationStrength" type="custom:ControlBaseline" use="required"/>

attribute TechnologyInterface/@authenticatorTrust
type custom:ControlBaseline
properties
use optional
facets
Kind Value Annotation
enumeration STANDARD
enumeration ENHANCED
enumeration ASSURED
source <xs:attribute name="authenticatorTrust" type="custom:ControlBaseline" use="optional"/>

element TechnologyInterface/humanInterface
diagram SecurityOverlay_p128.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type custom:HumanInterfaceTyoe
properties
content complex
attributes
Name  Type  Use  Default  Fixed  Annotation
userType  custom:UserType      HUMAN  
type  derived by: xs:NMTOKEN        
source <xs:element name="humanInterface" type="custom:HumanInterfaceTyoe"/>

element TechnologyInterface/machineInterface
diagram SecurityOverlay_p129.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type custom:MachineInterfaceTyoe
properties
content complex
attributes
Name  Type  Use  Default  Fixed  Annotation
userType  custom:UserType      MACHINE  
type  derived by: xs:NMTOKEN        
source <xs:element name="machineInterface" type="custom:MachineInterfaceTyoe"/>

complexType TechnologyProcess
diagram SecurityOverlay_p130.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description tog:executionFrequency tog:executionPeriod
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
criticality  custom:QualitativeScale    UNCLASSIFIED    
privilege  custom:ApplicationRoleType  required      
piiLegalBasis  custom:PIILegalBasis  optional      
isTransactional  xs:boolean    false    
isLogged  xs:boolean    false    
source <xs:complexType name="TechnologyProcess">
 
<!-- Security overlay for a technology-layer process: extends tog:BaseElement with the shared TechBehaviourAttributes group (criticality, privilege, piiLegalBasis, isTransactional, isLogged). -->
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:sequence>
       
<xs:choice minOccurs="0" maxOccurs="1">
         
<!-- Optional: at most one of executionFrequency or executionPeriod may appear (xs:choice, minOccurs="0"). They are meant to express how often the process is performed, e.g. 10 - 20 times per week. -->
         
<!-- NOTE(review): a rate such as "10 - 20 times per week" needs both a range and a period, which xs:choice does not allow in one instance; confirm whether xs:sequence was intended. -->
         
<xs:element name="executionFrequency" type="custom:IntegerRange"/>
         
<xs:element name="executionPeriod" type="xs:duration"/>
       
</xs:choice>
     
</xs:sequence>
     
<xs:attributeGroup ref="tog:TechBehaviourAttributes"/>
   
</xs:extension>
 
</xs:complexContent>
</xs:complexType>

element TechnologyProcess/executionFrequency
diagram SecurityOverlay_p131.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type custom:IntegerRange
properties
content complex
children custom:min custom:mode custom:max
source <xs:element name="executionFrequency" type="custom:IntegerRange"/>

element TechnologyProcess/executionPeriod
diagram SecurityOverlay_p132.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type xs:duration
properties
content simple
source <xs:element name="executionPeriod" type="xs:duration"/>

complexType TechnologyService
diagram SecurityOverlay_p133.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
identityProof  custom:ControlBaseline    STANDARD    
authenticationStrength  custom:ControlBaseline    STANDARD    
authenticatorTrust  custom:ControlBaseline    STANDARD    
availability  custom:QualitativeScale    UNCLASSIFIED    
capacity  xs:nonNegativeInteger  optional      
latency  xs:float  optional      
rto  xs:duration  required      
rpo  xs:duration  required      
annotation
documentation
Defines an Technology Service Requirements i.e. from the perspective of the Service Provider
source <xs:complexType name="TechnologyService">
 
<xs:annotation>
   
<xs:documentation>Defines an Technology Service Requirements i.e. from the perspective of the Service Provider</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:attribute name="identityProof" type="custom:ControlBaseline" default="STANDARD"/>
     
<xs:attribute name="authenticationStrength" type="custom:ControlBaseline" default="STANDARD"/>
     
<xs:attribute name="authenticatorTrust" type="custom:ControlBaseline" default="STANDARD"/>
     
<xs:attribute name="availability" type="custom:QualitativeScale" default="UNCLASSIFIED"/>
     
<xs:attribute name="capacity" type="xs:nonNegativeInteger" use="optional"/>
     
<xs:attribute name="latency" type="xs:float" use="optional"/>
     
<xs:attribute name="rto" type="xs:duration" use="required"/>
     
<xs:attribute name="rpo" type="xs:duration" use="required"/>
   
</xs:extension>
   
<!-- identityProof: how strongly the enrolment and credential issuance processes bind the applicant to a real identity. -->
   
<!-- authenticationStrength: the assurance strength of the authentication mechanism itself. -->
   
<!-- authenticatorTrust: assurance in the way the credential is presented, considering aspects such as bearer-type, one-time use, freshness, challenge/response etc. -->
   
<!-- NOTE(review): the three assurance attributes above default to STANDARD (presumably the lowest of STANDARD, ENHANCED, ASSURED), so a service that omits them validates and reads as baseline assurance; set them explicitly when a stronger requirement applies. -->
   
<!-- availability: an enumerated scale mapped to the organisation's operational scales, e.g. HIGH = 99.99% - 99.999%. Defaults to UNCLASSIFIED when omitted. -->
    <!-- capacity: the required capacity / throughput (e.g. requests / minute) that the service can handle. Optional. -->
    <!-- latency: the required latency / response time that the service can handle. Optional; the unit is not stated in the schema. -->
    <!-- rto: Recovery Time Objective. Required, xs:duration. -->
    <!-- rpo: Recovery Point Objective. Required, xs:duration. -->
  </xs:complexContent>
</xs:complexType>

attribute TechnologyService/@identityProof
type custom:ControlBaseline
properties
default STANDARD
facets
Kind Value Annotation
enumeration STANDARD
enumeration ENHANCED
enumeration ASSURED
source <xs:attribute name="identityProof" type="custom:ControlBaseline" default="STANDARD"/>

attribute TechnologyService/@authenticationStrength
type custom:ControlBaseline
properties
default STANDARD
facets
Kind Value Annotation
enumeration STANDARD
enumeration ENHANCED
enumeration ASSURED
source <xs:attribute name="authenticationStrength" type="custom:ControlBaseline" default="STANDARD"/>

attribute TechnologyService/@authenticatorTrust
type custom:ControlBaseline
properties
default STANDARD
facets
Kind Value Annotation
enumeration STANDARD
enumeration ENHANCED
enumeration ASSURED
source <xs:attribute name="authenticatorTrust" type="custom:ControlBaseline" default="STANDARD"/>

attribute TechnologyService/@availability
type custom:QualitativeScale
properties
default UNCLASSIFIED
facets
Kind Value Annotation
enumeration NA
enumeration UNCLASSIFIED
enumeration VLOW
enumeration LOW
enumeration MODERATE
enumeration HIGH
enumeration VHIGH
source <xs:attribute name="availability" type="custom:QualitativeScale" default="UNCLASSIFIED"/>

attribute TechnologyService/@capacity
type xs:nonNegativeInteger
properties
use optional
source <xs:attribute name="capacity" type="xs:nonNegativeInteger" use="optional"/>

attribute TechnologyService/@latency
type xs:float
properties
use optional
source <xs:attribute name="latency" type="xs:float" use="optional"/>

attribute TechnologyService/@rto
type xs:duration
properties
use required
source <xs:attribute name="rto" type="xs:duration" use="required"/>

attribute TechnologyService/@rpo
type xs:duration
properties
use required
source <xs:attribute name="rpo" type="xs:duration" use="required"/>

attributeGroup TechBehaviourAttributes
namespace http://www.opengroup.org/xsd/archimate/3.1
used by
complexTypes TechnologyFunction TechnologyFunction TechnologyInteraction TechnologyInteraction TechnologyProcess TechnologyProcess
attributes
Name  Type  Use  Default  Fixed  Annotation
criticality  custom:QualitativeScale    UNCLASSIFIED    
privilege  custom:ApplicationRoleType  required      
piiLegalBasis  custom:PIILegalBasis  optional      
isTransactional  xs:boolean    false    
isLogged  xs:boolean    false    
source <xs:attributeGroup name="TechBehaviourAttributes">
 
<!-- criticality: enumerates the criticality of the behaviour (worded as "a Business behaviour" in the schema, although this group is used by TechnologyFunction, TechnologyInteraction and TechnologyProcess). Defaults to UNCLASSIFIED when omitted. -->
 
<xs:attribute name="criticality" type="custom:QualitativeScale" default="UNCLASSIFIED"/>
 
<!-- privilege: enumerates the privilege level with which the behaviour is performed. Required, so every behaviour must declare it. -->
 
<xs:attribute name="privilege" type="custom:ApplicationRoleType" use="required"/>
 
<!-- piiLegalBasis: enumerates the legal basis for any processing of Personally Identifiable Information, e.g. under GDPR. Optional: the schema cannot tell "no PII processed" apart from "legal basis not recorded". -->
 
<xs:attribute name="piiLegalBasis" type="custom:PIILegalBasis" use="optional"/>
 
<!-- isTransactional: indicates whether the processing is transaction safe (ACID properties). Defaults to false. -->
 
<xs:attribute name="isTransactional" type="xs:boolean" default="false"/>
 
<!-- isLogged: indicates whether the processing produces a transaction log. Defaults to false, so an omitted attribute is read as "not logged" rather than "not assessed". -->
 
<xs:attribute name="isLogged" type="xs:boolean" default="false"/>
</xs:attributeGroup>

attribute TechBehaviourAttributes/@criticality
type custom:QualitativeScale
properties
default UNCLASSIFIED
facets
Kind Value Annotation
enumeration NA
enumeration UNCLASSIFIED
enumeration VLOW
enumeration LOW
enumeration MODERATE
enumeration HIGH
enumeration VHIGH
source <xs:attribute name="criticality" type="custom:QualitativeScale" default="UNCLASSIFIED"/>

attribute TechBehaviourAttributes/@privilege
type custom:ApplicationRoleType
properties
use required
facets
Kind Value Annotation
enumeration SELF
enumeration DELEGATE
enumeration IMPERSONATE
enumeration SYSTEM
source <xs:attribute name="privilege" type="custom:ApplicationRoleType" use="required"/>

attribute TechBehaviourAttributes/@piiLegalBasis
type custom:PIILegalBasis
properties
use optional
facets
Kind Value Annotation
enumeration COMPLIANCE
enumeration CONSENT
enumeration CONTROLLER_INTEREST
enumeration NECESSITY
enumeration PUBLIC_INTEREST
enumeration SUBJECT_INTEREST
source <xs:attribute name="piiLegalBasis" type="custom:PIILegalBasis" use="optional"/>

attribute TechBehaviourAttributes/@isTransactional
type xs:boolean
properties
default false
source <xs:attribute name="isTransactional" type="xs:boolean" default="false"/>

attribute TechBehaviourAttributes/@isLogged
type xs:boolean
properties
default false
source <xs:attribute name="isLogged" type="xs:boolean" default="false"/>

complexType ApplicationComponent
diagram SecurityOverlay_p134.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
acquisitionType  custom:AcquisitionType  optional      
criticality  custom:QualitativeScale    UNCLASSIFIED    
classificationDate  xs:date  optional      
classifiedBy  xs:string  optional      
isMobile  xs:boolean    false    
applicationOwner  xs:string  optional      
technicalOwner  xs:string  optional      
annotation
documentation
Security properties of an Application Component
source <xs:complexType name="ApplicationComponent">
 
<xs:annotation>
   
<xs:documentation>Security properties of an Application Component</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:attribute name="acquisitionType" type="custom:AcquisitionType" use="optional"/>
     
<xs:attribute name="criticality" type="custom:QualitativeScale" default="UNCLASSIFIED"/>
     
<xs:attribute name="classificationDate" type="xs:date" use="optional"/>
     
<xs:attribute name="classifiedBy" type="xs:string" use="optional"/>
     
<xs:attribute name="isMobile" type="xs:boolean" default="false"/>
     
<xs:attribute name="applicationOwner" type="xs:string" use="optional"/>
     
<xs:attribute name="technicalOwner" type="xs:string" use="optional"/>
   
</xs:extension>
   
<!-- acquisitionType: the software acquisition type (derived from Artefact). Optional, so the provenance of a component may be left unrecorded. -->
   
<!-- criticality: the criticality classification. Defaults to UNCLASSIFIED when omitted. -->
   
<!-- classificationDate: the date of classification. Optional. -->
   
<!-- classifiedBy: who performed the classification. Optional free text. -->
   
<!-- isMobile: flag for mobile code. Defaults to false. -->
   
<!-- applicationOwner: Business Actor, the current Application Owner. -->
   
<!-- technicalOwner: Business Actor, the current Technical Owner. -->
   
<!-- NOTE(review): both owner attributes and classifiedBy are optional xs:string values, so the schema does not enforce that they name a modelled Business Actor, nor that a classified component has an owner at all. -->
 
</xs:complexContent>
</xs:complexType>

attribute ApplicationComponent/@acquisitionType
type custom:AcquisitionType
properties
use optional
facets
Kind Value Annotation
enumeration UNCLASSIFIED
enumeration OWN_CUSTOM
enumeration VENDOR_CUSTOM
enumeration OPENSOURCE
enumeration COTS
enumeration GOTS
source <xs:attribute name="acquisitionType" type="custom:AcquisitionType" use="optional"/>

attribute ApplicationComponent/@criticality
type custom:QualitativeScale
properties
default UNCLASSIFIED
facets
Kind Value Annotation
enumeration NA
enumeration UNCLASSIFIED
enumeration VLOW
enumeration LOW
enumeration MODERATE
enumeration HIGH
enumeration VHIGH
source <xs:attribute name="criticality" type="custom:QualitativeScale" default="UNCLASSIFIED"/>

attribute ApplicationComponent/@classificationDate
type xs:date
properties
use optional
source <xs:attribute name="classificationDate" type="xs:date" use="optional"/>

attribute ApplicationComponent/@classifiedBy
type xs:string
properties
use optional
source <xs:attribute name="classifiedBy" type="xs:string" use="optional"/>

attribute ApplicationComponent/@isMobile
type xs:boolean
properties
default false
source <xs:attribute name="isMobile" type="xs:boolean" default="false"/>

attribute ApplicationComponent/@applicationOwner
type xs:string
properties
use optional
source <xs:attribute name="applicationOwner" type="xs:string" use="optional"/>

attribute ApplicationComponent/@technicalOwner
type xs:string
properties
use optional
source <xs:attribute name="technicalOwner" type="xs:string" use="optional"/>

complexType ApplicationFunction
diagram SecurityOverlay_p135.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description tog:executionFrequency tog:executionPeriod
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
criticality  custom:QualitativeScale    UNCLASSIFIED    
privilege  custom:ApplicationRoleType  required      
piiLegalBasis  custom:PIILegalBasis  optional      
isTransactional  xs:boolean    false    
isLogged  xs:boolean    false    
annotation
documentation
Security properties of an Application Function
source <xs:complexType name="ApplicationFunction">
 
<xs:annotation>
   
<xs:documentation>Security properties of an Application Function</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:sequence>
       
<xs:choice minOccurs="0" maxOccurs="1">
         
<!-- Optional: at most one of executionFrequency or executionPeriod may appear (xs:choice, minOccurs="0"). They are meant to express how often the process is performed, e.g. 10 - 20 times per week. -->
         
<!-- NOTE(review): a rate such as "10 - 20 times per week" needs both a range and a period, which xs:choice does not allow in one instance; confirm whether xs:sequence was intended. -->
         
<xs:element name="executionFrequency" type="custom:IntegerRange"/>
         
<xs:element name="executionPeriod" type="xs:duration"/>
       
</xs:choice>
     
</xs:sequence>
     
<!-- Shared behaviour attributes: criticality, privilege (required), piiLegalBasis, isTransactional and isLogged, as listed in this type's attribute table. -->
     
<xs:attributeGroup ref="tog:AppBehaviourAttributes"/>
   
</xs:extension>
 
</xs:complexContent>
</xs:complexType>

element ApplicationFunction/executionFrequency
diagram SecurityOverlay_p136.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type custom:IntegerRange
properties
content complex
children custom:min custom:mode custom:max
source <xs:element name="executionFrequency" type="custom:IntegerRange"/>

element ApplicationFunction/executionPeriod
diagram SecurityOverlay_p137.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type xs:duration
properties
content simple
source <xs:element name="executionPeriod" type="xs:duration"/>

complexType ApplicationInteraction
diagram SecurityOverlay_p138.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description tog:executionFrequency tog:executionPeriod
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
criticality  custom:QualitativeScale    UNCLASSIFIED    
privilege  custom:ApplicationRoleType  required      
piiLegalBasis  custom:PIILegalBasis  optional      
isTransactional  xs:boolean    false    
isLogged  xs:boolean    false    
segregationOfDuty  custom:SegregationType  required      
annotation
documentation
Security properties of an Application Interaction
source <xs:complexType name="ApplicationInteraction">
 
<xs:annotation>
   
<xs:documentation>Security properties of an Application Interaction</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:sequence>
       
<xs:choice minOccurs="0" maxOccurs="1">
         
<!-- Optional: at most one of executionFrequency or executionPeriod may appear (xs:choice, minOccurs="0"). They are meant to express how often the process is performed, e.g. 10 - 20 times per week. -->
         
<!-- NOTE(review): a rate such as "10 - 20 times per week" needs both a range and a period, which xs:choice does not allow in one instance; confirm whether xs:sequence was intended. -->
         
<xs:element name="executionFrequency" type="custom:IntegerRange"/>
         
<xs:element name="executionPeriod" type="xs:duration"/>
       
</xs:choice>
     
</xs:sequence>
     
<xs:attributeGroup ref="tog:AppBehaviourAttributes"/>
     
<!-- segregationOfDuty is required and has no default: an instance must state NONE, BY-ACTOR or BY-ROLE explicitly, so a missing segregation decision fails validation instead of passing silently. -->
     
<xs:attribute name="segregationOfDuty" type="custom:SegregationType" use="required"/>
   
</xs:extension>
 
</xs:complexContent>
</xs:complexType>

attribute ApplicationInteraction/@segregationOfDuty
type custom:SegregationType
properties
use required
facets
Kind Value Annotation
enumeration NONE
enumeration BY-ACTOR
enumeration BY-ROLE
source <xs:attribute name="segregationOfDuty" type="custom:SegregationType" use="required"/>

element ApplicationInteraction/executionFrequency
diagram SecurityOverlay_p139.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type custom:IntegerRange
properties
content complex
children custom:min custom:mode custom:max
source <xs:element name="executionFrequency" type="custom:IntegerRange"/>

element ApplicationInteraction/executionPeriod
diagram SecurityOverlay_p140.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type xs:duration
properties
content simple
source <xs:element name="executionPeriod" type="xs:duration"/>

complexType ApplicationInterface
diagram SecurityOverlay_p141.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description tog:humanInterface tog:machineInterface
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
interfaceExposure  custom:InterfaceExposure    LOCAL    
authenticator  custom:CredentialType  required      
authenticationStrength  custom:ControlBaseline  required      
authenticatorTrust  custom:ControlBaseline  optional      
annotation
documentation
Security properties of an Application Interface
source <xs:complexType name="ApplicationInterface">
 
<xs:annotation>
   
<xs:documentation>Security properties of an Application Interface</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:sequence>
       
<xs:choice minOccurs="1" maxOccurs="1">
         
<!-- Exactly one of humanInterface or machineInterface must be present (minOccurs="1", maxOccurs="1"). -->
         
<xs:element name="humanInterface" type="custom:HumanInterfaceTyoe"/>
         
<xs:element name="machineInterface" type="custom:MachineInterfaceTyoe"/>
       
</xs:choice>
     
</xs:sequence>
     
<xs:attribute name="interfaceExposure" type="custom:InterfaceExposure" default="LOCAL"/>
     
<xs:attribute name="authenticator" type="custom:CredentialType" use="required"/>
     
<xs:attribute name="authenticationStrength" type="custom:ControlBaseline" use="required"/>
     
<xs:attribute name="authenticatorTrust" type="custom:ControlBaseline" use="optional"/>
   
</xs:extension>
   
<!-- interfaceExposure: whether the interface is primarily local or remote. When omitted it defaults to LOCAL, whereas TechnologyInterface in this schema defaults to REMOTE. -->
   
<!-- NOTE(review): with a LOCAL default, a remotely reachable application interface that omits the attribute is recorded as locally exposed; set interfaceExposure explicitly so exposure is not under-stated in the model. -->
   
<!-- authenticator: the authentication mechanism supported by this interface. Required; the attribute carries one CredentialType value. -->
   
<!-- authenticationStrength: the interface's authentication strength requirement. Required, no default. -->
    <!-- authenticatorTrust: the interface's authenticator trust requirement (a function of the rigour of the user registration process). Optional, no default. -->
 
</xs:complexContent>
</xs:complexType>

attribute ApplicationInterface/@interfaceExposure
type custom:InterfaceExposure
properties
default LOCAL
facets
Kind Value Annotation
enumeration LOCAL
enumeration REMOTE
source <xs:attribute name="interfaceExposure" type="custom:InterfaceExposure" default="LOCAL"/>

attribute ApplicationInterface/@authenticator
type custom:CredentialType
properties
use required
facets
Kind Value Annotation
enumeration PIN
enumeration PASSWORD
enumeration SOFTTOKEN
enumeration INTERNET-APP
enumeration BIOMETRIC
enumeration HARDTOKEN
source <xs:attribute name="authenticator" type="custom:CredentialType" use="required"/>

attribute ApplicationInterface/@authenticationStrength
type custom:ControlBaseline
properties
use required
facets
Kind Value Annotation
enumeration STANDARD
enumeration ENHANCED
enumeration ASSURED
source <xs:attribute name="authenticationStrength" type="custom:ControlBaseline" use="required"/>

attribute ApplicationInterface/@authenticatorTrust
type custom:ControlBaseline
properties
use optional
facets
Kind Value Annotation
enumeration STANDARD
enumeration ENHANCED
enumeration ASSURED
source <xs:attribute name="authenticatorTrust" type="custom:ControlBaseline" use="optional"/>

element ApplicationInterface/humanInterface
diagram SecurityOverlay_p142.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type custom:HumanInterfaceTyoe
properties
content complex
attributes
Name  Type  Use  Default  Fixed  Annotation
userType  custom:UserType      HUMAN  
type  derived by: xs:NMTOKEN        
source <xs:element name="humanInterface" type="custom:HumanInterfaceTyoe"/>

element ApplicationInterface/machineInterface
diagram SecurityOverlay_p143.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type custom:MachineInterfaceTyoe
properties
content complex
attributes
Name  Type  Use  Default  Fixed  Annotation
userType  custom:UserType      MACHINE  
type  derived by: xs:NMTOKEN        
source <xs:element name="machineInterface" type="custom:MachineInterfaceTyoe"/>

complexType ApplicationProcess
diagram SecurityOverlay_p144.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description tog:executionFrequency tog:executionPeriod
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
criticality  custom:QualitativeScale    UNCLASSIFIED    
privilege  custom:ApplicationRoleType  required      
piiLegalBasis  custom:PIILegalBasis  optional      
isTransactional  xs:boolean    false    
isLogged  xs:boolean    false    
annotation
documentation
Security properties of an Application Process
source <xs:complexType name="ApplicationProcess">
 
<xs:annotation>
   
<xs:documentation>Security properties of an Application Process</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:sequence>
       
<xs:choice minOccurs="0" maxOccurs="1">
         
<!-- Optional: at most one of executionFrequency or executionPeriod may appear (xs:choice, minOccurs="0"). They are meant to express how often the process is performed, e.g. 10 - 20 times per week. -->
         
<!-- NOTE(review): a rate such as "10 - 20 times per week" needs both a range and a period, which xs:choice does not allow in one instance; confirm whether xs:sequence was intended. -->
         
<xs:element name="executionFrequency" type="custom:IntegerRange"/>
         
<xs:element name="executionPeriod" type="xs:duration"/>
       
</xs:choice>
     
</xs:sequence>
     
<!-- Shared behaviour attributes: criticality, privilege (required), piiLegalBasis, isTransactional and isLogged, as listed in this type's attribute table. -->
     
<xs:attributeGroup ref="tog:AppBehaviourAttributes"/>
   
</xs:extension>
 
</xs:complexContent>
</xs:complexType>

element ApplicationProcess/executionFrequency
diagram SecurityOverlay_p145.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type custom:IntegerRange
properties
content complex
children custom:min custom:mode custom:max
source <xs:element name="executionFrequency" type="custom:IntegerRange"/>

element ApplicationProcess/executionPeriod
diagram SecurityOverlay_p146.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type xs:duration
properties
content simple
source <xs:element name="executionPeriod" type="xs:duration"/>

complexType ApplicationService
diagram SecurityOverlay_p147.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
identityProof  custom:ControlBaseline    STANDARD    
authenticationStrength  custom:ControlBaseline    STANDARD    
authenticatorTrust  custom:ControlBaseline    STANDARD    
availability  custom:QualitativeScale    UNCLASSIFIED    
capacity  xs:nonNegativeInteger  optional      
latency  xs:float  optional      
rto  xs:duration  required      
rpo  xs:duration  required      
annotation
documentation
Defines an Application Service Requirements i.e. from the perspective of the Service Provider
source <xs:complexType name="ApplicationService">
 
<xs:annotation>
   
<xs:documentation>Defines an Application Service Requirements i.e. from the perspective of the Service Provider</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:attribute name="identityProof" type="custom:ControlBaseline" default="STANDARD"/>
     
<xs:attribute name="authenticationStrength" type="custom:ControlBaseline" default="STANDARD"/>
     
<xs:attribute name="authenticatorTrust" type="custom:ControlBaseline" default="STANDARD"/>
     
<xs:attribute name="availability" type="custom:QualitativeScale" default="UNCLASSIFIED"/>
     
<xs:attribute name="capacity" type="xs:nonNegativeInteger" use="optional"/>
     
<xs:attribute name="latency" type="xs:float" use="optional"/>
     
<xs:attribute name="rto" type="xs:duration" use="required"/>
     
<xs:attribute name="rpo" type="xs:duration" use="required"/>
   
</xs:extension>
   
<!-- identityProof: how strongly the enrolment and credential issuance processes bind the applicant to a real identity. -->
   
<!-- authenticationStrength: the assurance strength of the authentication mechanism itself. -->
   
<!-- authenticatorTrust: assurance in the way the credential is presented, considering aspects such as bearer-type, one-time use, freshness, challenge/response etc. -->
   
<!-- NOTE(review): the three assurance attributes above default to STANDARD (presumably the lowest of STANDARD, ENHANCED, ASSURED), so a service that omits them validates and reads as baseline assurance; set them explicitly when a stronger requirement applies. -->
   
<!-- availability: an enumerated scale mapped to the organisation's operational scales, e.g. HIGH = 99.99% - 99.999%. Defaults to UNCLASSIFIED when omitted. -->
    <!-- capacity: the required capacity / throughput (e.g. requests / minute) that the service can handle. Optional. -->
    <!-- latency: the required latency / response time that the service can handle. Optional; the unit is not stated in the schema. -->
    <!-- rto: Recovery Time Objective. Required, xs:duration. -->
    <!-- rpo: Recovery Point Objective. Required, xs:duration. -->
  </xs:complexContent>
</xs:complexType>

attribute ApplicationService/@identityProof
type custom:ControlBaseline
properties
default STANDARD
facets
Kind Value Annotation
enumeration STANDARD
enumeration ENHANCED
enumeration ASSURED
source <xs:attribute name="identityProof" type="custom:ControlBaseline" default="STANDARD"/>

attribute ApplicationService/@authenticationStrength
type custom:ControlBaseline
properties
default STANDARD
facets
Kind Value Annotation
enumeration STANDARD
enumeration ENHANCED
enumeration ASSURED
source <xs:attribute name="authenticationStrength" type="custom:ControlBaseline" default="STANDARD"/>

attribute ApplicationService/@authenticatorTrust
type custom:ControlBaseline
properties
default STANDARD
facets
Kind Value Annotation
enumeration STANDARD
enumeration ENHANCED
enumeration ASSURED
source <xs:attribute name="authenticatorTrust" type="custom:ControlBaseline" default="STANDARD"/>

attribute ApplicationService/@availability
type custom:QualitativeScale
properties
default UNCLASSIFIED
facets
Kind Value Annotation
enumeration NA
enumeration UNCLASSIFIED
enumeration VLOW
enumeration LOW
enumeration MODERATE
enumeration HIGH
enumeration VHIGH
source <xs:attribute name="availability" type="custom:QualitativeScale" default="UNCLASSIFIED"/>

attribute ApplicationService/@capacity
type xs:nonNegativeInteger
properties
use optional
source <xs:attribute name="capacity" type="xs:nonNegativeInteger" use="optional"/>

attribute ApplicationService/@latency
type xs:float
properties
use optional
source <xs:attribute name="latency" type="xs:float" use="optional"/>

attribute ApplicationService/@rto
type xs:duration
properties
use required
source <xs:attribute name="rto" type="xs:duration" use="required"/>

attribute ApplicationService/@rpo
type xs:duration
properties
use required
source <xs:attribute name="rpo" type="xs:duration" use="required"/>

complexType DataObject
diagram SecurityOverlay_p148.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description
used by
complexType Data
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
anonymisation  custom:AnonymityProtection    NONE    
encryption  custom:ConfidentialityProtection    NONE    
integrity  custom:TamperProtection    NONE    
authenticity  custom:OriginAssurance    NONE    
annotation
documentation
Data-level protection capabilities of a Data Object
source <xs:complexType name="DataObject">
 
<xs:annotation>
   
<xs:documentation>Data-level protection capabilities of a Data Object</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<xs:sequence/>
     
<!-- All four protection attributes below default to NONE, so a data object that omits them validates and reads as unprotected; the schema cannot tell "assessed as none" apart from "not assessed". -->
     
<!-- anonymisation: one of NONE, MASK, REDACT, TOKEN, HASH, OBSFUCATE (spelled this way in the enumeration, so instance documents must match it). NOTE(review): an unsalted HASH of a low-entropy identifier can be reversed by enumeration, which makes it pseudonymisation rather than anonymisation. -->
     
<xs:attribute name="anonymisation" type="custom:AnonymityProtection" default="NONE"/>
     
<!-- encryption: one of NONE, 3DES, AES, AES256, RSA, ECC. The values name an algorithm family only; mode of operation and key length (AES256 aside) are not captured. NOTE(review): 3DES is a legacy cipher; treat it as a record of existing state, not as an acceptable target. -->
     
<xs:attribute name="encryption" type="custom:ConfidentialityProtection" default="NONE"/>
     
<!-- integrity: one of NONE, CHECKSUM, MD5, HMAC, SHA1, SHA2, SIGNATURE. NOTE(review): CHECKSUM and the unkeyed digests (MD5, SHA1, SHA2) detect accidental corruption only unless the digest itself is protected, and MD5 and SHA1 are not collision resistant; HMAC and SIGNATURE are the keyed options. -->
     
<xs:attribute name="integrity" type="custom:TamperProtection" default="NONE"/>
     
<!-- authenticity: origin assurance, one of NONE, SELF, ASSERTION, SHARED_SECRET, SIGNED. -->
     
<xs:attribute name="authenticity" type="custom:OriginAssurance" default="NONE"/>
   
</xs:extension>
 
</xs:complexContent>
</xs:complexType>

attribute DataObject/@anonymisation
type custom:AnonymityProtection
properties
default NONE
facets
Kind Value Annotation
enumeration NONE
enumeration MASK
enumeration REDACT
enumeration TOKEN
enumeration HASH
enumeration OBSFUCATE
source <xs:attribute name="anonymisation" type="custom:AnonymityProtection" default="NONE"/>

attribute DataObject/@encryption
type custom:ConfidentialityProtection
properties
default NONE
facets
Kind Value Annotation
enumeration NONE
enumeration 3DES
enumeration AES
enumeration AES256
enumeration RSA
enumeration ECC
source <xs:attribute name="encryption" type="custom:ConfidentialityProtection" default="NONE"/>

attribute DataObject/@integrity
type custom:TamperProtection
properties
default NONE
facets
Kind Value Annotation
enumeration NONE
enumeration CHECKSUM
enumeration MD5
enumeration HMAC
enumeration SHA1
enumeration SHA2
enumeration SIGNATURE
source <xs:attribute name="integrity" type="custom:TamperProtection" default="NONE"/>

attribute DataObject/@authenticity
type custom:OriginAssurance
properties
default NONE
facets
Kind Value Annotation
enumeration NONE
enumeration SELF
enumeration ASSERTION
enumeration SHARED_SECRET
enumeration SIGNED
source <xs:attribute name="authenticity" type="custom:OriginAssurance" default="NONE"/>

attributeGroup AppBehaviourAttributes
namespace http://www.opengroup.org/xsd/archimate/3.1
used by
complexTypes ApplicationFunction ApplicationInteraction ApplicationProcess
attributes
Name  Type  Use  Default  Fixed  Annotation
criticality  custom:QualitativeScale    UNCLASSIFIED    
privilege  custom:ApplicationRoleType  required      
piiLegalBasis  custom:PIILegalBasis  optional      
isTransactional  xs:boolean    false    
isLogged  xs:boolean    false    
source <xs:attributeGroup name="AppBehaviourAttributes">
 
<!-- Criticality of the Application behaviour on the custom:QualitativeScale (NA, UNCLASSIFIED, VLOW, LOW, MODERATE, HIGH, VHIGH); defaults to UNCLASSIFIED when omitted -->
 
<xs:attribute name="criticality" type="custom:QualitativeScale" default="UNCLASSIFIED"/>
 
<!-- Privilege level with which the behaviour is performed (SELF, DELEGATE, IMPERSONATE or SYSTEM). Required, so every behaviour that uses this group must state it explicitly -->
 
<xs:attribute name="privilege" type="custom:ApplicationRoleType" use="required"/>
 
<!-- Legal basis for any processing of Personally Identifiable Information, e.g. under GDPR (COMPLIANCE, CONSENT, CONTROLLER_INTEREST, NECESSITY, PUBLIC_INTEREST, SUBJECT_INTEREST). NOTE(review): the attribute is optional and nothing here makes it conditional on PII being processed, so its absence cannot be read as "no PII processed" -->
 
<xs:attribute name="piiLegalBasis" type="custom:PIILegalBasis" use="optional"/>
 
<!-- Indicates whether the processing is transaction safe (ACID properties); defaults to false -->
 
<xs:attribute name="isTransactional" type="xs:boolean" default="false"/>
 
<!-- Indicates whether the processing produces a transaction log; defaults to false, so an omitted attribute declares the behaviour as not logged -->
 
<xs:attribute name="isLogged" type="xs:boolean" default="false"/>
</xs:attributeGroup>

attribute AppBehaviourAttributes/@criticality
type custom:QualitativeScale
properties
default UNCLASSIFIED
facets
Kind Value Annotation
enumeration NA
enumeration UNCLASSIFIED
enumeration VLOW
enumeration LOW
enumeration MODERATE
enumeration HIGH
enumeration VHIGH
source <xs:attribute name="criticality" type="custom:QualitativeScale" default="UNCLASSIFIED"/>

attribute AppBehaviourAttributes/@privilege
type custom:ApplicationRoleType
properties
use required
facets
Kind Value Annotation
enumeration SELF
enumeration DELEGATE
enumeration IMPERSONATE
enumeration SYSTEM
source <xs:attribute name="privilege" type="custom:ApplicationRoleType" use="required"/>

attribute AppBehaviourAttributes/@piiLegalBasis
type custom:PIILegalBasis
properties
use optional
facets
Kind Value Annotation
enumeration COMPLIANCE
enumeration CONSENT
enumeration CONTROLLER_INTEREST
enumeration NECESSITY
enumeration PUBLIC_INTEREST
enumeration SUBJECT_INTEREST
source <xs:attribute name="piiLegalBasis" type="custom:PIILegalBasis" use="optional"/>

attribute AppBehaviourAttributes/@isTransactional
type xs:boolean
properties
default false
source <xs:attribute name="isTransactional" type="xs:boolean" default="false"/>

attribute AppBehaviourAttributes/@isLogged
type xs:boolean
properties
default false
source <xs:attribute name="isLogged" type="xs:boolean" default="false"/>

complexType Access
diagram SecurityOverlay_p149.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type extension of tog:BaseRelationship
properties
base tog:BaseRelationship
children tog:name tog:description
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
sourceCardinality  xs:nonNegativeInteger    1    
targetCardinality  xs:nonNegativeInteger    1    
type  tog:AccessType  required      
modifier  tog:AccessModifier  optional      
annotation
documentation
Used to define security-relevant properties of Access Relationships
source <xs:complexType name="Access">
 
<xs:annotation>
   
<xs:documentation>Used to define security-relevant properties of Access Relationships</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseRelationship">
     
<!-- Kind of access, required: Access, Read, Read-Write or Write (tog:AccessType) -->
     
<xs:attribute name="type" type="tog:AccessType" use="required"/>
     
<!-- Optional operation qualifier from tog:AccessModifier (COPY, MOVE, DELETE, ERASE and so on). NOTE(review): type and modifier are declared independently, so the schema accepts any pairing, for example type Read with modifier DELETE; a rule tying modifiers to access types would have to be enforced outside this type -->
     
<xs:attribute name="modifier" type="tog:AccessModifier" use="optional"/>
   
</xs:extension>
 
</xs:complexContent>
</xs:complexType>

attribute Access/@type
type tog:AccessType
properties
use required
facets
Kind Value Annotation
enumeration Access
enumeration Read
enumeration Read-Write
enumeration Write
source <xs:attribute name="type" type="tog:AccessType" use="required"/>

attribute Access/@modifier
type tog:AccessModifier
properties
use optional
facets
Kind Value Annotation
enumeration COPY
enumeration MOVE
enumeration DELETE
enumeration ERASE
enumeration RENAME
enumeration ARCHIVE
enumeration SET_READONLY
enumeration SET_ACCESS
enumeration SCAN
enumeration SEARCH
enumeration SUBSCRIBE
enumeration VERIFY
enumeration UPDATE
enumeration SIGN
enumeration ENCRYPT
enumeration DECRYPT
enumeration CREATE
enumeration APPEND
enumeration PUBLISH
source <xs:attribute name="modifier" type="tog:AccessModifier" use="optional"/>

complexType Aggregation
diagram SecurityOverlay_p150.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type extension of tog:BaseRelationship
properties
base tog:BaseRelationship
children tog:name tog:description
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
sourceCardinality  xs:nonNegativeInteger    1    
targetCardinality  xs:nonNegativeInteger    1    
annotation
documentation
Used to define security-relevant properties of Aggregation Relationships
source <xs:complexType name="Aggregation">
 
<xs:annotation>
   
<xs:documentation>Used to define security-relevant properties of Aggregation Relationships</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<!-- Empty extension: adds no attributes or children of its own, so the type carries only what tog:BaseRelationship declares (id, sourceCardinality, targetCardinality, optional name and description) -->
   
<xs:extension base="tog:BaseRelationship"/>
 
</xs:complexContent>
</xs:complexType>

complexType Assignment
diagram SecurityOverlay_p151.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type extension of tog:BaseRelationship
properties
base tog:BaseRelationship
children tog:name tog:description
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
sourceCardinality  xs:nonNegativeInteger    1    
targetCardinality  xs:nonNegativeInteger    1    
annotation
documentation
Used to define security-relevant properties of Assignment Relationships
source <xs:complexType name="Assignment">
 
<xs:annotation>
   
<xs:documentation>Used to define security-relevant properties of Assignment Relationships</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<!-- Empty extension: adds no attributes or children of its own, so the type carries only what tog:BaseRelationship declares (id, sourceCardinality, targetCardinality, optional name and description) -->
   
<xs:extension base="tog:BaseRelationship"/>
 
</xs:complexContent>
</xs:complexType>

complexType Association
diagram SecurityOverlay_p152.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type extension of tog:BaseRelationship
properties
base tog:BaseRelationship
children tog:name tog:description
used by
complexType RACI
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
sourceCardinality  xs:nonNegativeInteger    1    
targetCardinality  xs:nonNegativeInteger    1    
isDirected  xs:boolean    false    
annotation
documentation
Used to define security-relevant properties of Association Relationships
source <xs:complexType name="Association">
 
<xs:annotation>
   
<xs:documentation>Used to define security-relevant properties of Association Relationships</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseRelationship">
     
<!-- Whether the association has a direction; defaults to false, so an omitted attribute declares an undirected association -->
     
<xs:attribute name="isDirected" type="xs:boolean" default="false"/>
   
</xs:extension>
 
</xs:complexContent>
</xs:complexType>

attribute Association/@isDirected
type xs:boolean
properties
default false
source <xs:attribute name="isDirected" type="xs:boolean" default="false"/>

complexType Composition
diagram SecurityOverlay_p153.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type extension of tog:BaseRelationship
properties
base tog:BaseRelationship
children tog:name tog:description
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
sourceCardinality  xs:nonNegativeInteger    1    
targetCardinality  xs:nonNegativeInteger    1    
annotation
documentation
Used to define security-relevant properties of Composition Relationships
source <xs:complexType name="Composition">
 
<xs:annotation>
   
<xs:documentation>Used to define security-relevant properties of Composition Relationships</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<!-- Empty extension: adds no attributes or children of its own, so the type carries only what tog:BaseRelationship declares (id, sourceCardinality, targetCardinality, optional name and description) -->
   
<xs:extension base="tog:BaseRelationship"/>
 
</xs:complexContent>
</xs:complexType>

complexType Serving
diagram SecurityOverlay_p154.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type extension of tog:BaseRelationship
properties
base tog:BaseRelationship
children tog:name tog:description
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
sourceCardinality  xs:nonNegativeInteger    1    
targetCardinality  xs:nonNegativeInteger    1    
criticality  custom:QualitativeScale    UNCLASSIFIED    
annotation
documentation
Used to define security-relevant properties of Serving Relationships
source <xs:complexType name="Serving">
 
<xs:annotation>
   
<xs:documentation>Used to define security-relevant properties of Serving Relationships</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseRelationship">
     
<xs:attribute name="criticality" type="custom:QualitativeScale" default="UNCLASSIFIED"/>
   
</xs:extension>
   
<!-- Describes the criticality attribute declared in the extension above: it enumerates the criticality of the serving relationship to the Service Consumer and defaults to UNCLASSIFIED when omitted -->
 
</xs:complexContent>
</xs:complexType>

attribute Serving/@criticality
type custom:QualitativeScale
properties
default UNCLASSIFIED
facets
Kind Value Annotation
enumeration NA
enumeration UNCLASSIFIED
enumeration VLOW
enumeration LOW
enumeration MODERATE
enumeration HIGH
enumeration VHIGH
source <xs:attribute name="criticality" type="custom:QualitativeScale" default="UNCLASSIFIED"/>

simpleType AccessModifier
namespace http://www.opengroup.org/xsd/archimate/3.1
type restriction of xs:NMTOKEN
properties
base xs:NMTOKEN
used by
attribute Access/@modifier
facets
Kind Value Annotation
enumeration COPY
enumeration MOVE
enumeration DELETE
enumeration ERASE
enumeration RENAME
enumeration ARCHIVE
enumeration SET_READONLY
enumeration SET_ACCESS
enumeration SCAN
enumeration SEARCH
enumeration SUBSCRIBE
enumeration VERIFY
enumeration UPDATE
enumeration SIGN
enumeration ENCRYPT
enumeration DECRYPT
enumeration CREATE
enumeration APPEND
enumeration PUBLISH
annotation
documentation
Access Types defined in the Specification
source <xs:simpleType name="AccessModifier">
 
<!-- Enumerates the operation qualifiers allowed on Access/@modifier. NOTE(review): the xs:documentation text below is identical to the one on AccessType and speaks of Access Types, while this type lists access modifiers -->
 
<xs:annotation>
   
<xs:documentation>Access Types defined in the Specification</xs:documentation>
 
</xs:annotation>
 
<xs:restriction base="xs:NMTOKEN">
   
<xs:enumeration value="COPY"/>
   
<xs:enumeration value="MOVE"/>
   
<xs:enumeration value="DELETE"/>
   
<xs:enumeration value="ERASE"/>
   
<xs:enumeration value="RENAME"/>
   
<xs:enumeration value="ARCHIVE"/>
   
<xs:enumeration value="SET_READONLY"/>
   
<xs:enumeration value="SET_ACCESS"/>
   
<xs:enumeration value="SCAN"/>
   
<xs:enumeration value="SEARCH"/>
   
<xs:enumeration value="SUBSCRIBE"/>
   
<xs:enumeration value="VERIFY"/>
   
<xs:enumeration value="UPDATE"/>
   
<xs:enumeration value="SIGN"/>
   
<xs:enumeration value="ENCRYPT"/>
   
<xs:enumeration value="DECRYPT"/>
   
<xs:enumeration value="CREATE"/>
   
<xs:enumeration value="APPEND"/>
   
<xs:enumeration value="PUBLISH"/>
   
<!-- The four comments below read like group headings. In this listing they sit after all enumeration values, so which values belong to which group cannot be read from here, and the restriction itself does not bind a modifier to an access type -->
   
<!-- Access Modifiers-->
   
<!-- Read Modifiers-->
   
<!-- Read-Write Modifiers-->
   
<!-- Write Modifiers-->
 
</xs:restriction>
</xs:simpleType>

simpleType AccessType
namespace http://www.opengroup.org/xsd/archimate/3.1
type restriction of xs:NMTOKEN
properties
base xs:NMTOKEN
used by
attribute Access/@type
facets
Kind Value Annotation
enumeration Access
enumeration Read
enumeration Read-Write
enumeration Write
annotation
documentation
Access Types defined in the Specification
source <xs:simpleType name="AccessType">
 
<!-- Enumerates the kinds of access allowed on Access/@type. The values are mixed case and Read-Write is hyphenated; enumeration values are matched exactly, so READ or ReadWrite would not validate -->
 
<xs:annotation>
   
<xs:documentation>Access Types defined in the Specification</xs:documentation>
 
</xs:annotation>
 
<xs:restriction base="xs:NMTOKEN">
   
<xs:enumeration value="Access"/>
   
<xs:enumeration value="Read"/>
   
<xs:enumeration value="Read-Write"/>
   
<xs:enumeration value="Write"/>
 
</xs:restriction>
</xs:simpleType>

complexType Grouping
diagram SecurityOverlay_p155.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
isSecurityDomain  xs:boolean    false    
annotation
documentation
Used to mark a Grouping as a Security Domain
source <xs:complexType name="Grouping">
 
<xs:annotation>
   
<xs:documentation>Used to mark a Grouping as a Security Domain</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<!-- Flags the Grouping as a Security Domain; defaults to false, so an omitted attribute means the Grouping is not marked as one -->
     
<xs:attribute name="isSecurityDomain" type="xs:boolean" default="false"/>
   
</xs:extension>
 
</xs:complexContent>
</xs:complexType>

attribute Grouping/@isSecurityDomain
type xs:boolean
properties
default false
source <xs:attribute name="isSecurityDomain" type="xs:boolean" default="false"/>

complexType Location
diagram SecurityOverlay_p156.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type extension of tog:BaseElement
properties
base tog:BaseElement
children tog:name tog:description
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
isSecurityDomain  xs:boolean    false    
annotation
documentation
Used to mark a Location as a Security Domain
source <xs:complexType name="Location">
 
<xs:annotation>
   
<xs:documentation>Used to mark a Location as a Security Domain</xs:documentation>
 
</xs:annotation>
 
<xs:complexContent>
   
<xs:extension base="tog:BaseElement">
     
<!-- Flags the Location as a Security Domain; defaults to false, so an omitted attribute means the Location is not marked as one -->
     
<xs:attribute name="isSecurityDomain" type="xs:boolean" default="false"/>
   
</xs:extension>
 
</xs:complexContent>
</xs:complexType>

attribute Location/@isSecurityDomain
type xs:boolean
properties
default false
source <xs:attribute name="isSecurityDomain" type="xs:boolean" default="false"/>

complexType BaseElement
diagram SecurityOverlay_p157.png
namespace http://www.opengroup.org/xsd/archimate/3.1
children tog:name tog:description
used by
complexTypes Account ApplicationComponent ApplicationFunction ApplicationInteraction ApplicationInterface ApplicationProcess ApplicationService Article Authorisation BusinessActor BusinessCollaboration BusinessFunction BusinessInteraction BusinessInterface BusinessObject BusinessProcess BusinessRole BusinessService ComplianceObjective Control ControlObjective Credential DataObject DataSubject EmbeddedMetric Event Exception Grouping Impact Location Malware Metric Node Principal Requirement Risk SABSAAttribute SecurityDomain SecurityEvent SLA Standard SystemSoftware TechnologyFunction TechnologyFunction TechnologyInteraction TechnologyInteraction TechnologyInterface TechnologyProcess TechnologyProcess TechnologyService TechnologyService Threat ThreatAgent Trust Value ValueChain Vulnerability
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
isAbstract  xs:boolean    false    
source <xs:complexType name="BaseElement">
 
<!-- Common base of the element types in this overlay: a mandatory name, an optional description, a required id and an isAbstract flag -->
 
<xs:sequence>
   
<!-- Exactly one name is required. It is a plain xs:string with no length or character restriction, so tools that render it should handle it as untrusted text -->
   
<xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1"/>
   
<!-- At most one description, also an unrestricted xs:string -->
   
<xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>
 
</xs:sequence>
 
<!-- Required identifier; xs:ID values must be unique within the instance document -->
 
<xs:attribute name="id" type="xs:ID" use="required"/>
 
<!-- Defaults to false when omitted -->
 
<xs:attribute name="isAbstract" type="xs:boolean" default="false"/>
</xs:complexType>

attribute BaseElement/@id
type xs:ID
properties
use required
source <xs:attribute name="id" type="xs:ID" use="required"/>

attribute BaseElement/@isAbstract
type xs:boolean
properties
default false
source <xs:attribute name="isAbstract" type="xs:boolean" default="false"/>

element BaseElement/name
diagram SecurityOverlay_p158.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type xs:string
properties
content simple
source <xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1"/>

element BaseElement/description
diagram SecurityOverlay_p159.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type xs:string
properties
minOcc 0
maxOcc 1
content simple
source <xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>

complexType BaseRelationship
diagram SecurityOverlay_p160.png
namespace http://www.opengroup.org/xsd/archimate/3.1
children tog:name tog:description
used by
complexTypes Access Aggregation Assignment Association Composition Serving
attributes
Name  Type  Use  Default  Fixed  Annotation
id  xs:ID  required      
sourceCardinality  xs:nonNegativeInteger    1    
targetCardinality  xs:nonNegativeInteger    1    
annotation
documentation
Used to define security-relevant properties of any Relationship
source <xs:complexType name="BaseRelationship">
 
<!-- Common base of the relationship types in this overlay. NOTE(review): nothing declared in this type identifies the source and target elements of a relationship, only their cardinalities; presumably the endpoints are carried elsewhere, to be confirmed -->
 
<xs:annotation>
   
<xs:documentation>Used to define security-relevant properties of any Relationship</xs:documentation>
 
</xs:annotation>
 
<xs:sequence>
   
<!-- name is optional here (minOccurs 0); it is an unrestricted xs:string -->
   
<xs:element name="name" type="xs:string" minOccurs="0" maxOccurs="1"/>
   
<!-- At most one description, also an unrestricted xs:string -->
   
<xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>
 
</xs:sequence>
 
<!-- Required identifier; xs:ID values must be unique within the instance document -->
 
<xs:attribute name="id" type="xs:ID" use="required"/>
 
<!-- Cardinality at the source end; defaults to 1. xs:nonNegativeInteger also admits 0 and has no upper bound -->
 
<xs:attribute name="sourceCardinality" type="xs:nonNegativeInteger" default="1"/>
 
<!-- Cardinality at the target end; defaults to 1, same value space as sourceCardinality -->
 
<xs:attribute name="targetCardinality" type="xs:nonNegativeInteger" default="1"/>
</xs:complexType>

attribute BaseRelationship/@id
type xs:ID
properties
use required
source <xs:attribute name="id" type="xs:ID" use="required"/>

attribute BaseRelationship/@sourceCardinality
type xs:nonNegativeInteger
properties
default 1
source <xs:attribute name="sourceCardinality" type="xs:nonNegativeInteger" default="1"/>

attribute BaseRelationship/@targetCardinality
type xs:nonNegativeInteger
properties
default 1
source <xs:attribute name="targetCardinality" type="xs:nonNegativeInteger" default="1"/>

element BaseRelationship/name
diagram SecurityOverlay_p161.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type xs:string
properties
minOcc 0
maxOcc 1
content simple
source <xs:element name="name" type="xs:string" minOccurs="0" maxOccurs="1"/>

element BaseRelationship/description
diagram SecurityOverlay_p162.png
namespace http://www.opengroup.org/xsd/archimate/3.1
type xs:string
properties
minOcc 0
maxOcc 1
content simple
source <xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>

