iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
ISO

ISO/IEC 18180:2013

(Main)

Information technology — Specification for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.2

Information technology — Specification for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.2

ISO/IEC 18180:2013 specifies the data model and Extensible Markup Language (XML) representation for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.2. An XCCDF document is a structured collection of security configuration rules for some set of target systems. The XCCDF specification is designed to support information interchange, document generation, organizational and situational tailoring, automated compliance testing, and scoring. ISO/IEC 18180:2013 also defines a data model and format for storing results of security guidance or checklist testing. The intent of XCCDF is to provide a uniform foundation for expression of security checklists and other configuration guidance, and thereby foster more widespread application of good security practices.

Technologies de l'information — Spécification de XCCDF (Extensible Configuration Checklist Description Format) version 1.2

General Information

Status
Published
Publication Date
09-Jun-2013
ICS
35.030 - IT Security
35.040 - Information coding
35.040.50 - Automatic identification and data capture techniques
Technical Committee
ISO/IEC JTC 1 - Information technology
Drafting Committee
ISO/IEC JTC 1 - Information technology
Current Stage
9060 - Close of review
Start Date
04-Mar-2029
Ref Project

Buy Standard

ISO/IEC 18180:2013 - Information technology -- Specification for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.2ISO/IEC 18180:2013 - Information technology -- Specification for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.2
PreviousNext
Standard
ISO/IEC 18180:2013 - Information technology -- Specification for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.2
English language
73 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)

INTERNATIONAL ISO/IEC
STANDARD 18180
First edition
2013-06-15


Information technology — Specification
for the Extensible Configuration Checklist
Description Format (XCCDF) Version 1.2
Technologies de l'information — Spécification de XCCDF (Extensible
Configuration Checklist Description Format) version 1.2





Reference number
ISO/IEC 18180:2013(E)
©
ISO/IEC 2013

---------------------- Page: 1 ----------------------
ISO/IEC 18180:2013(E)

COPYRIGHT PROTECTED DOCUMENT


©  ISO/IEC 2013
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form or by any
means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior written permission.
Permission can be requested from either ISO at the address below or ISO’s member body in the country of the requester.
ISO copyright office
Case postale 56  CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland

ii © ISO/IEC 2013 – All rights reserved

---------------------- Page: 2 ----------------------
ISO/IEC 18180:2013(E)
Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are members of
ISO or IEC participate in the development of International Standards through technical committees
established by the respective organization to deal with particular fields of technical activity. ISO and IEC
technical committees collaborate in fields of mutual interest. Other international organizations, governmental
and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information
technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.
The main task of the joint technical committee is to prepare International Standards. Draft International
Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as
an International Standard requires approval by at least 75 % of the national bodies casting a vote.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent
rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights.
ISO/IEC 18180 was prepared by the U.S. National Institute of Standards and Technology (as NIST IR 7275,
Revision 4) and was adopted, under a special “fast-track procedure”, by Joint Technical Committee
ISO/IEC JTC 1, Information technology, in parallel with its approval by the national bodies of ISO and IEC.
© ISO/IEC 2013 – All rights reserved iii

---------------------- Page: 3 ----------------------
ISO/IEC 18180:2013(E)
NIST Interagency Report 7275
Revision 4
Specification for the
Extensible Configuration
Checklist Description Format
(XCCDF) Version 1.2
David Waltermire
Charles Schmidt
Karen Scarfone
Neal Ziring




© ISO/IEC 2013 – All rights reserved

---------------------- Page: 4 ----------------------
ISO/IEC 18180:2013(E)


NIST Interagency Report 7275
Revision 4
Specification for the Extensible
Configuration Checklist Description

Format (XCCDF) Version 1.2

David Waltermire
Charles Schmidt
Karen Scarfone
Neal Ziring



C O M P U T E R   S E C U R I T Y

Computer Security Division
Information Technology Laboratory
National Institute of Standards and Technology
Gaithersburg, MD 20899-8930

September 2011




U.S. Department of Commerce
Rebecca M. Blank, Acting Secretary
National Institute of Standards and Technology
Patrick D. Gallagher, Under Secretary for
Standards and Technology and Director
© ISO/IEC 2013 – All rights reserved

---------------------- Page: 5 ----------------------
ISO/IEC 18180:2013(E)
SPECIFICATION FOR THE EXTENSIBLE CONFIGURATION CHECKLIST DESCRIPTION FORMAT (XCCDF) VERSION 1.2

Reports on Computer Systems Technology

The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology
(NIST) promotes the U.S. economy and public welfare by providing technical leadership for the nation’s
measurement and standards infrastructure. ITL develops tests, test methods, reference data, proof of
concept implementations, and technical analysis to advance the development and productive use of
information technology. ITL’s responsibilities include the development of technical, physical,
administrative, and management standards and guidelines for the cost-effective security and privacy of
sensitive unclassified information in Federal computer systems. This Interagency Report discusses ITL’s
research, guidance, and outreach efforts in compute
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

ISO
ISO 11855-8:2023(Main)
Building environment design — Design, dimensioning, installation and control of embedded radiant heating and cooling systems — Part 8: Electrical heating systems

This document specifies procedures and conditions to enable the heat flux in electrical surface heating systems to be determined relative to the medium differential temperature for systems. The determination of thermal performance electrical surface heating systems and their conformity to this document is carried out by calculation in accordance with design documents and a model. This enables a uniform assessment and calculation surface heating systems. The surface temperature and the temperature uniformity of the heated surface, nominal heat flux density between electrical heated layer and space are given as the result. The ISO 11855 series is applicable to water based embedded surface heating and cooling systems in residential, commercial and industrial buildings[1]. The methods apply to systems integrated into the wall, floor or ceiling construction without any open-air gaps. It does not apply to ceiling mounted panel systems with open air gaps which are not integrated into the building structure. The ISO 11855 series also applies, as appropriate, to the use of fluids other than water as a heating or cooling medium. The ISO 11855 series is not applicable for testing of systems. The methods do not apply to heated or chilled ceiling panels or beams. [1] ISO 11855-7 can also be used for electrical heated embedded systems.

  • Standard
    9 pages
    English language
    sale 15% off
  • Standard
    9 pages
    French language
    sale 15% off
  • Draft
    9 pages
    English language
    sale 15% off
  • Draft
    9 pages
    English language
    sale 15% off
  • Draft
    9 pages
    French language
    sale 15% off
ISO
ISO 17607-1:2023(Main)
Steel structures — Execution of structural steelwork — Part 1: General requirements and terms and definitions

This document defines general requirements for the execution of structural steelwork for: — structural steel buildings; — general structures, designed, fabricated, and erected in a manner similar to buildings with building-like load-resisting elements, e.g. support framing for equipment, tanks, vessels, and pipelines; — crane-supporting structures; — typical roadway and pedestrian bridges including those constructed using rolled sections, welded plate girders, or trusses (lattices). This document applies to structures or fabricated components that are produced from: — hot-rolled and cold-formed structural steel products up to and including a nominal yield strength of 700 MPa with a thickness of 3 mm and above; — hot-finished and cold-formed structural steel hollow sections, up to and including a nominal yield strength of 700 MPa, including standard range and custom-made rolled products and hollow sections manufactured by welding. This document also applies to steel components in composite steel and concrete structures, and in structures combining steel with other materials. This document defines requirements independent of the type and shape of the steel structure, including structures subjected to fatigue or seismic loading. The requirements are expressed in terms of execution levels. This document does not define all requirements for other types of fabricated steel structures (e.g. railway bridges, roadway and pedestrian bridges using welded box sections or arch boxes, cable-supported bridges over 100 m span, moving bridges, monorails, steel towers, masts, chimneys, silos, tanks, pipelines, antennae, offshore platforms). However, this document provides general guidance regarding fabrication and erection practices that may be used together with the appropriate ISO, regional or national design standards for such structures. This document does not cover requirements for the following: — sheeting; — fabrication of stainless steels. This document does not apply to design of steel structures. NOTE Design is inextricably a part of the design-fabrication-erection sequence, including the application of tolerances, and cannot be considered in isolation. This document is intended to be used, as appropriate, together with national standards and other documents, observing the provisions in this document concerning such use.

  • Draft
    32 pages
    English language
    sale 15% off
  • Draft
    32 pages
    English language
    sale 15% off
ISO
ISO 7637-1:2023(Main)
Road vehicles — Electrical disturbances from conduction and coupling — Part 1: Vocabulary and general considerations

This document defines the basic terms relating to electrical disturbances from conduction and coupling used in the other parts of the ISO 7637 series. It also gives general information on the whole ISO 7637 series.

  • Standard
    10 pages
    English language
    sale 15% off
  • Draft
    10 pages
    English language
    sale 15% off
  • Draft
    10 pages
    English language
    sale 15% off
ISO
ISO 24323:2023(Main)
Timber structures — Design method for vibrational serviceability of timber floors

The design method provided in this document addresses vibration induced by walking action of occupants and covers the following timber floor systems: a) Light frame floors built with timber joists spaced at a distance of no more than 610 mm with a layer of structural wood-based subfloor that is connected to the joists using mechanical fasteners or adhesive. The area density of a bare light frame floors without a screed (topping) and ceiling is not greater than 25 kg/m2. Figure 1 shows such a light frame floor. b) Mass timber floors built with mass timber panels such as cross laminated timber (CLT). This document consists of three elements: a) a baseline vibrational serviceability design criterion for timber floors using fundamental natural frequency and 1 kN static point load deflection as the design parameters including two types of design criteria, coupled and decoupled criteria; b) equations for calculating the design parameters; c) guidelines for the design values of the physical and mechanical properties of floor components. The design method is based on the assumption that the floor system has a single span and simple support conditions.

  • Standard
    15 pages
    English language
    sale 15% off
  • Draft
    15 pages
    English language
    sale 15% off
  • Draft
    15 pages
    English language
    sale 15% off
ISO
ISO 17607-4:2023(Main)
Steel structures — Execution of structural steelwork — Part 4: Erection

This document defines the general requirements for erection of steels used in the execution of structural steelwork as structures or as manufactured components in conjunction with ISO 17607-1. Additional requirements to be addressed in the execution of structural steelwork, as structures or as fabricated components, can be found in other parts of the ISO 17607 series.

  • Draft
    83 pages
    English language
    sale 15% off
  • Draft
    83 pages
    English language
    sale 15% off
ISO
ISO/IEC 18092:2023(Main)
Telecommunications and information exchange between systems — Near Field Communication Interface and Protocol 1 (NFCIP-1)

This document defines: — communication modes for Near Field Communication Interface and Protocol 1 (NFCIP-1) using inductive coupled devices operating at the centre frequency of 13,56 MHz for interconnection of computer peripherals; — both the active and the passive communication modes of NFCIP-1 to realize a communication network using Near Field Communication (NFC) devices for networked products and for consumer equipment; — a transport protocol including protocol activation and data exchange methods. This document specifies: — modulation schemes; — codings; — bit rates; — frame format of the radio frequency (RF) interface; — initialisation schemes and conditions required for data collision control during initialisation. Information interchange between systems is based on agreement between the interchange parties upon the interchange codes and the data structure.

  • Standard
    46 pages
    English language
    sale 15% off
  • Draft
    46 pages
    English language
    sale 15% off
  • Draft
    46 pages
    English language
    sale 15% off
ISO
ISO/IEC 23917:2023(Main)
Telecommunications and information exchange between systems — Near Field Communication Interface and Protocol 1 (NFCIP-1) — Protocol test methods

This document specifies protocol test methods for Near Field Communication Interface and Protocol 1 (NFCIP-1), as defined in ISO/IEC 18092 (the base standard). The radio frequency (RF) test methods for NFCIP-1 (also defined in ISO/IEC 18092) are specified in ISO/IEC 22536.

  • Standard
    48 pages
    English language
    sale 15% off
  • Draft
    48 pages
    English language
    sale 15% off
  • Draft
    48 pages
    English language
    sale 15% off
ISO
ISO 17607-2:2023(Main)
Steel structures — Execution of structural steelwork — Part 2: Steels

This document defines the general requirements for the constituent products of steels and steel products used in the execution of structural steelwork as structures or as fabricated components in conjunction with ISO 17607-1. Additional requirements to be addressed in the execution of structural steelwork, as structures or as fabricated components, can be found in other parts of the ISO 17607 series.

  • Draft
    43 pages
    English language
    sale 15% off
  • Draft
    43 pages
    English language
    sale 15% off
ISO
ISO 17607-6:2023(Main)
Steel structures — Execution of structural steelwork — Part 6: Bolting

This document defines the general requirements for structural bolting in the execution of structural steelwork as structures or as fabricated components, in conjunction with ISO 17607-1. Additional requirements to be addressed in the execution of structural steelwork, as structures or as fabricated components, can be found in other parts of ISO 17607.

  • Standard
    90 pages
    English language
    sale 15% off
ISO
ISO 17607-3:2023(Main)
Steel structures — Execution of structural steelwork — Part 3: Fabrication

This document defines the general requirements for fabrication in the execution of structural steelwork as structures or as fabricated components in conjunction with ISO 17607-1. Additional requirements to be addressed in the execution of structural steelwork, as structures or as fabricated components, can be found in other parts of the ISO 17607 series.

  • Standard
    120 pages
    English language
    sale 15% off