An extension to python-stix supporting STIX Data Markings for the Enhance Shared Situational Awareness (ESSA) Initiative's Information Sharing Architecture (ISA) Access Control Specification (ACS), which are based on the US Intelligence Community's Enterprise Data Header (EDH) specification.
stix-edh supports version 2.0 of the ISA Marking extensions for STIX, published January 19, 2016:
These schemas use version 3.0 of the Smart Data EDH Cyber Profile, and correspond to ACS Version 3.0.
NOTE: stix-edh does not currently support version 1.0 of the ISA Marking extensions (published February 26, 2015), which use the schemas below. Version 1.0 of the ISA Marking extensions use version 2.0 of the Smart Data EDH Cyber Profile, and corresponds to ACS Version 2.0.
The stix-edh library itself uses semantic versioning, and the version numbers are unrelated to the versions of EDH, ACS, or ISA.
To parse XML using with EDH data markings, just import stix_edh after import stix.
import stix
import stix_edh # automatically registers extensions with python-stix
# Go on to parse your stix package
from stix.core import STIXPackage
package = STIXPackage.from_xml('stix.xml')To create data markings, create an instance of stix_edh.ISAMarkings or stix_edh.ISAMarkingsAssertions, and add it to a MarkingSpecification object as a MarkingStructure. See examples/create-isa.py in the source repository for more information.
- Python 3.7+
- python-stix
- for STIX 1.1.1: >= 1.1.1.8 and < 1.2.0.0
- for STIX 1.2: >= 1.2.0.3
- mixbox > 1.0.5
This software was produced for the U. S. Government, and is subject to the Rights in Data-General Clause 52.227-14, Alt. IV (DEC 2007).
Copyright (c) 2017, The MITRE Corporation. All Rights Reserved.