NIEM / NIEM-Releases

Repository for releases of the National Information Exchange Model
https://niem.github.io/niem-releases/

Add Controlled Unclassified Information (CUI) metadata #156

Closed cdmgtri closed 4 years ago

cdmgtri commented 4 years ago

Controlled Unclassified Information (CUI) is information that requires safeguarding or dissemination controls pursuant to and consistent with applicable law, regulations, and government-wide policies but is not classified under Executive Order 13526 or the Atomic Energy Act, as amended. This release includes metadata tags for approved CUI Categories and Limited Dissemination Control markings found on the CUI Registry (https://www.archives.gov/cui).

myergens commented 3 years ago

I have a few questions that I hope you can answer:

  1. Are there any guides or examples for use of the CUI metadata (such as which elements are required, which are optional)?
  2. Have Schematron rules been defined for CUI banners and portion marking?

Thank you for your time. Sincerely, David Yergensen [michael.d.yergensen@nasa.gov]

cdmgtri commented 3 years ago

Hi David,

Re 1: There are currently no NIEM-specific examples of how to use CUI markings with NIEM, but the CUI Marking Handbook and 32 CFR Part 2002 include instructions for CUI markings. These resources were used in developing the NIEM CUI content and are available here.

Re 2: Schematron rules for CUI banner and portion markings do not exist yet, but they have been discussed.

Additional resources

Cardinality

The following is a list of CUI elements and the sub-elements that they contain, with minOccurs and maxOccurs noted for each.

cui:DocumentMarkingMetadata (type cui:DocumentMarkingMetadataType)

cui:PortionMarkingMetadata (type cui:PortionMarkingMetadataType)

cui:LDCMarking (type cui:LDCType)

cui:DecontrolSchedule (type cui:DecontrolScheduleType)

Hope this helps!

myergens commented 3 years ago

Thank you very much for the response! Sincerely, -David Y.


David Yergensen AFDP Data Management Lead Analytical Mechanics Associates

t. 661 276-2388 (w) 661-789-7307 (c) e. michael.d.yergensen@ama-inc.com e. michael.d.yergensen@nasa.gov w. www.ama-inc.com a. NASA Armstrong Flight Research Center, Building 4840 Room 212-09




myergens commented 3 years ago

Good morning, I have some questions concerning the CUI schema and the simpleType “LDCCodeSimpleType”.

The simpleType "LDCCodeSimpleType" contains two different types of CVEs.
• Some of the CVEs are for use only with "DocumentMarkingMetadata"
  o Attorney-Client, Attorney-WP, Deliberative, DISPLAY ONLY, NOFORN
• Some of the CVEs are for use only with "PortionMarkingMetadata"
  o AC, AWP, DELIB, DL ONLY, NF
• Other CVEs may be used in both
  o FED ONLY, FEDCON, NOCON, REL TO

By having all of these values defined in a single simpleType, the only way to perform accurate validation is through the use of Schematron rules. Would you consider separating these into two separate simpleTypes?
• one that only contained the permissible CVEs for LDCCode within the "DocumentMarkingMetadata" structure?
• and one that only contained the permissible CVEs for LDCCode within the "PortionMarkingMetadata" structure?

I’m also curious as to why some values are in ALL CAPS, while others are in mixed-case. Thanks in advance. Sincerely, David Yergensen (Michael.d.yergensen@nasa.gov)

cdmgtri commented 3 years ago

We will be able to split the combined code set into two separate code sets because that is a better representation of the requirements. That should appear in NIEM 5.1 release candidate 1.

It's a good question, but we don't have an answer about the reason for the capitalization differences other than NIEM isn't the authoritative source for the code set and we have to use the codes and definitions as they are provided.

Thanks for the feedback!
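The context-dependent check discussed in this thread for LDCCodeSimpleType, as an added example that is not part of the NIEM release or of either commenter's posts: it flags an LDCCode value that appears in the combined code set but is not permitted in the structure that contains it. The namespace URI, the wrapper element and the sample document are constructed placeholders, and the code lists are the ones quoted in the question above.

```python
import xml.etree.ElementTree as ET

# Placeholder namespace (assumption); substitute the URI of the CUI schema in use.
CUI_NS = "urn:example:cui"

# Code values as listed in the thread, grouped by where they may appear.
BOTH = {"FED ONLY", "FEDCON", "NOCON", "REL TO"}
ALLOWED = {
    "DocumentMarkingMetadata": BOTH | {
        "Attorney-Client", "Attorney-WP", "Deliberative", "DISPLAY ONLY", "NOFORN"},
    "PortionMarkingMetadata": BOTH | {"AC", "AWP", "DELIB", "DL ONLY", "NF"},
}

def check_ldc_codes(xml_text):
    """Return (context, code) pairs whose LDCCode is not permitted in that context.

    Assumes document and portion metadata blocks are not nested in each other.
    """
    root = ET.fromstring(xml_text)
    violations = []
    for context, allowed in ALLOWED.items():
        for block in root.iter(f"{{{CUI_NS}}}{context}"):
            # Descendant search, so an intermediate wrapper around LDCCode is fine.
            for code_el in block.iter(f"{{{CUI_NS}}}LDCCode"):
                code = (code_el.text or "").strip()
                if code not in allowed:
                    violations.append((context, code))
    return violations

# Constructed sample: every value is in the combined code set, so a single
# enumeration accepts all of them, but two are in the wrong context.
SAMPLE = """<Doc xmlns:cui="urn:example:cui">
  <cui:DocumentMarkingMetadata>
    <cui:LDCCode>NOFORN</cui:LDCCode>
    <cui:LDCCode>FEDCON</cui:LDCCode>
    <cui:LDCCode>NF</cui:LDCCode>
  </cui:DocumentMarkingMetadata>
  <cui:PortionMarkingMetadata>
    <cui:LDCCode>NF</cui:LDCCode>
    <cui:LDCCode>Deliberative</cui:LDCCode>
  </cui:PortionMarkingMetadata>
</Doc>"""

if __name__ == "__main__":
    for context, code in check_ldc_codes(SAMPLE):
        print(f"{code!r} is not permitted inside {context}")
```
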