• Beta
    Profile Resolution Management
    • 08 May 2024

    The Profile Resolution Endpoints for OSCAL profiles perform live profile resolution and manage snapshot-in-time profile resolutions.

    One method resolves a profile on demand and returns the resulting resolved profile catalog. The remaining methods allow for capturing and managing a snapshot in time of a resolved profile catalog. Profile snapshots are designed to capture the resolution at a point in time, such as to demonstrate the control definitions in effect at the time of an assessment.

    Today, the result of profile resolution is very static. As OSCAL reaches its full potential there will be differences in resolution results depending on when a profile is resolved. This is due to more complex layering of profiles and more dynamic updates to overlay profiles and referenced catalogs.

    The following profile resolution methods are available.

    | Method | Endpoint | Description |
    |---|---|---|
    | GET | /profile/{identifier}/resolved-catalog | Resolves the profile and returns the result as a resolved profile catalog. |
    | POST | /profile/{identifier}/resolved-snapshot | Resolves the profile and saves the result as a resolved profile catalog. |
    | GET | /profile/{identifier}/resolved-snapshot | Retrieves the list of cached resolved profile catalogs, including their ID and resolution timestamp. |
    | GET | /profile/{identifier}/resolved-snapshot{identifier} | Retrieves a specific resolved profile catalog snapshot. |
    | PUT | /profile/{identifier}/resolved-snapshot{identifier} | Modifies the snapshot description, types and label. |
    | DELETE | /profile/{identifier}/resolved-snapshot{identifier} | Removes a specific resolved profile catalog snapshot. |

    Snapshot Date/Timestamp Property

    When creating a snapshot via the POST method, the server must assign a snapshot-created property in the OSCAL metadata of the snapshot copy. This must contain a date/time stamp representing when the snapshot was created. The specification deliberately excludes any ability to modify this date/timestamp. The implementation should ensure this property cannot be altered by endpoint calls.

    Required Type Property

    When creating a snapshot via the POST method, the server must assign a snapshot-type property in the OSCAL metadata of the snapshot copy with the value resolved-profile. The implementation should ensure this property cannot be altered or removed by endpoint calls.

    Other Snapshot Properties

    The POST and PUT methods include the ability to add and manage a snapshot-description property as well as snapshot-label and snapshot-type properties. All are optional. While no more than one description is allowed, any number of label and type properties are allowed.
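
    One way a server could enforce the snapshot property rules above on POST and PUT. This is an added example, not code from the specification or from any implementation; the function names are hypothetical, and it assumes props are OSCAL metadata name/value objects, that a PUT replaces the whole client-managed set, and that the timestamp is stored as an ISO 8601 string.

```python
from datetime import datetime, timezone

# Server-assigned type that endpoint calls must not alter or remove.
REQUIRED_TYPE = {"name": "snapshot-type", "value": "resolved-profile"}
CLIENT_MANAGED = {"snapshot-description", "snapshot-label", "snapshot-type"}


class SnapshotPropError(ValueError):
    """Raised when a request would break a snapshot property rule."""


def _client_props(requested):
    """Validate and return the client-manageable props from a request body."""
    kept = [p for p in requested if p.get("name") in CLIENT_MANAGED]
    if sum(p["name"] == "snapshot-description" for p in kept) > 1:
        raise SnapshotPropError("no more than one snapshot-description is allowed")
    # The required type is re-added by the server; drop client copies of it.
    return [p for p in kept
            if (p["name"], p.get("value")) != ("snapshot-type", "resolved-profile")]


def create_snapshot_props(requested, now=None):
    """POST: the server stamps the creation time and the required type itself."""
    if any(p.get("name") == "snapshot-created" for p in requested):
        raise SnapshotPropError("snapshot-created is assigned by the server")
    now = now or datetime.now(timezone.utc)
    created = {"name": "snapshot-created", "value": now.isoformat()}
    return [created, dict(REQUIRED_TYPE)] + _client_props(requested)


def update_snapshot_props(stored, requested):
    """PUT: replace description/label/type props; server-assigned props survive."""
    created = next(p for p in stored if p.get("name") == "snapshot-created")
    for p in requested:
        # A read-modify-write client may echo the stored value; any change is refused.
        if p.get("name") == "snapshot-created" and p.get("value") != created["value"]:
            raise SnapshotPropError("snapshot-created cannot be modified")
    # Props outside the snapshot-* set belong to the resolved catalog; keep them.
    untouched = [p for p in stored
                 if p.get("name") not in CLIENT_MANAGED | {"snapshot-created"}]
    return [created, dict(REQUIRED_TYPE)] + untouched + _client_props(requested)
```

    A PUT body that omits the required type still yields a snapshot carrying it, and a body that supplies a different creation timestamp is rejected rather than silently ignored, so a tampering attempt is visible to the caller and in server logs.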

    Example
    At the time of an assessment, an assessor can take a snapshot of the resolved profile catalog as a means of preserving the state of control definitions at the time of assessment.

