Intended for
access, rights, handling or other metadata that applies to the assertion
statement. Use EDH security options whenever an assertion already has a unique enterprise
identifer or
is intended for potential extraction and should be able stand on it's own as a separate
referencable object. Use arh security only when assertions are not
intended to be extracted and do not require enterprise identifiers.
Used to indicate if the statement metadata applies to encrypted or unencrypted data.
If a TDO payload or assertion statement is encrypted, there are in fact two potentially
different markings needed for decision making,
analysis and querying, one describing the handling required for the encrypted blob,
and the other for the handling required for the unencrypted
(and in effect external) state. In cases where statements and/or payloads are encrypted,
allow handling assertions and statement metadata
elements to indicate whether their marks apply to the encypted blob state vs. actual
data by using an attribute appliesToState
Source
<xs:element maxOccurs="2" minOccurs="0" name="StatementMetadata"><xs:annotation><xs:documentation><p xmlns="http://www.w3.org/1999/xhtml" ism:classification="U" ism:ownerProducer="USA">Intended for access, rights, handling or other metadata that applies to the assertion statement. Use EDH security options whenever an assertion already has a unique enterprise identifer or is intended for potential extraction and should be able stand on it's own as a separate referencable object. Use arh security only when assertions are not intended to be extracted and do not require enterprise identifiers.</p></xs:documentation></xs:annotation><xs:complexType><xs:choice><xs:element ref="edh:Edh" minOccurs="1" maxOccurs="1"/><xs:element ref="edh:ExternalEdh" minOccurs="1" maxOccurs="1"/><xs:element ref="arh:Security" minOccurs="1" maxOccurs="1"/><xs:element ref="arh:ExternalSecurity" minOccurs="1" maxOccurs="1"/></xs:choice><xs:attribute name="appliesToState" type="tdfstate:CVEnumTDFAppliesToState" use="optional"><xs:annotation><xs:documentation><p xmlns="http://www.w3.org/1999/xhtml" ism:classification="U" ism:ownerProducer="USA">Used to indicate if the statement metadata applies to encrypted or unencrypted data. If a TDO payload or assertion statement is encrypted, there are in fact two potentially different markings needed for decision making, analysis and querying, one describing the handling required for the encrypted blob, and the other for the handling required for the unencrypted (and in effect external) state. In cases where statements and/or payloads are encrypted, allow handling assertions and statement metadata elements to indicate whether their marks apply to the encypted blob state vs. actual data by using an attribute appliesToState</p></xs:documentation></xs:annotation></xs:attribute></xs:complexType></xs:element>
A unique local identifier
used for binding and signing purposes. Not guarenteed to be unique across
multiple TDC/TDOs but must be unique within a single instance of either.
The logical grouping to
which the assertion belongs. The Assertion type attribute is intended to provide
additional
context, allowing various systems to pre-determine relenvance of assertions without
parsing
or reading all of the assertions. Type might include categorizations such as
discovery, mission, or task order to allow various systems to determine which assertions
are relevant for them to parse.
Source
<xs:complexType name="AssertionType"><xs:sequence><xs:element maxOccurs="2" minOccurs="0" name="StatementMetadata"><xs:annotation><xs:documentation><p xmlns="http://www.w3.org/1999/xhtml" ism:classification="U" ism:ownerProducer="USA">Intended for access, rights, handling or other metadata that applies to the assertion statement. Use EDH security options whenever an assertion already has a unique enterprise identifer or is intended for potential extraction and should be able stand on it's own as a separate referencable object. Use arh security only when assertions are not intended to be extracted and do not require enterprise identifiers.</p></xs:documentation></xs:annotation><xs:complexType><xs:choice><xs:element ref="edh:Edh" minOccurs="1" maxOccurs="1"/><xs:element ref="edh:ExternalEdh" minOccurs="1" maxOccurs="1"/><xs:element ref="arh:Security" minOccurs="1" maxOccurs="1"/><xs:element ref="arh:ExternalSecurity" minOccurs="1" maxOccurs="1"/></xs:choice><xs:attribute name="appliesToState" type="tdfstate:CVEnumTDFAppliesToState" use="optional"><xs:annotation><xs:documentation><p xmlns="http://www.w3.org/1999/xhtml" ism:classification="U" ism:ownerProducer="USA">Used to indicate if the statement metadata applies to encrypted or unencrypted data. If a TDO payload or assertion statement is encrypted, there are in fact two potentially different markings needed for decision making, analysis and querying, one describing the handling required for the encrypted blob, and the other for the handling required for the unencrypted (and in effect external) state. In cases where statements and/or payloads are encrypted, allow handling assertions and statement metadata elements to indicate whether their marks apply to the encypted blob state vs. actual data by using an attribute appliesToState</p></xs:documentation></xs:annotation></xs:attribute></xs:complexType></xs:element><xs:group ref="EncryptionInformationGroup"/><xs:group ref="StatementGroup"/><xs:group ref="BindingGroup" minOccurs="0"/></xs:sequence><xs:attribute ref="scope" use="required"/><xs:attribute name="type" type="xs:string"><xs:annotation><xs:documentation><p xmlns="http://www.w3.org/1999/xhtml" ism:ownerProducer="USA" ism:classification="U">The logical grouping to which the assertion belongs. The Assertion type attribute is intended to provide additional context, allowing various systems to pre-determine relenvance of assertions without parsing or reading all of the assertions. Type might include categorizations such as discovery, mission, or task order to allow various systems to determine which assertions are relevant for them to parse.</p></xs:documentation></xs:annotation></xs:attribute><xs:attribute ref="id" use="optional"/></xs:complexType>
Used to indicate if the statement metadata applies to encrypted or unencrypted data.
If a TDO payload or assertion statement is encrypted, there are in fact two potentially
different markings needed for decision making,
analysis and querying, one describing the handling required for the encrypted blob,
and the other for the handling required for the unencrypted
(and in effect external) state. In cases where statements and/or payloads are encrypted,
allow handling assertions and statement metadata
elements to indicate whether their marks apply to the encypted blob state vs. actual
data by using an attribute appliesToState
<xs:attribute name="appliesToState" type="tdfstate:CVEnumTDFAppliesToState" use="optional"><xs:annotation><xs:documentation><p xmlns="http://www.w3.org/1999/xhtml" ism:classification="U" ism:ownerProducer="USA">Used to indicate if the statement metadata applies to encrypted or unencrypted data. If a TDO payload or assertion statement is encrypted, there are in fact two potentially different markings needed for decision making, analysis and querying, one describing the handling required for the encrypted blob, and the other for the handling required for the unencrypted (and in effect external) state. In cases where statements and/or payloads are encrypted, allow handling assertions and statement metadata elements to indicate whether their marks apply to the encypted blob state vs. actual data by using an attribute appliesToState</p></xs:documentation></xs:annotation></xs:attribute>
The logical grouping to
which the assertion belongs. The Assertion type attribute is intended to provide
additional
context, allowing various systems to pre-determine relenvance of assertions without
parsing
or reading all of the assertions. Type might include categorizations such as
discovery, mission, or task order to allow various systems to determine which assertions
are relevant for them to parse.
<xs:attribute name="type" type="xs:string"><xs:annotation><xs:documentation><p xmlns="http://www.w3.org/1999/xhtml" ism:ownerProducer="USA" ism:classification="U">The logical grouping to which the assertion belongs. The Assertion type attribute is intended to provide additional context, allowing various systems to pre-determine relenvance of assertions without parsing or reading all of the assertions. Type might include categorizations such as discovery, mission, or task order to allow various systems to determine which assertions are relevant for them to parse.</p></xs:documentation></xs:annotation></xs:attribute>
This document has been approved for Public Release by the Office of the Director of National Intelligence. See 'Distribution
Notice' for details.
Click Here