• Home
• com.daedafusion.mitre
• cybox-jaxb
• 2.1
• source code
• Volume_Object.xsd

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

objects.Volume_Object.xsd Maven / Gradle / Ivy

	
		This schema was originally developed by The MITRE Corporation. The CybOX XML Schema implementation is maintained by The MITRE Corporation and developed by the open CybOX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the CybOX website at http://cybox.mitre.org.
		
			Volume_Object
			2.1
			01/22/2014			
			The following specifies the fields and types that compose this defined CybOX Object type. Each defined object is an extension of the abstract ObjectPropertiesType, defined in CybOX Common. For more information on this extension mechanism, please see the CybOX Specification. This document is intended for developers and assumes some familiarity with XML. 
			Copyright (c) 2012-2014, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the CybOX License located at http://cybox.mitre.org/about/termsofuse.html. See the CybOX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the CybOX Schema, this license header must be included.
		
	
	
	
		
			The Volume object is intended to characterize generic drive volumes.
		
	
	
		
			The VolumeObjectType type is intended to characterize generic drive volumes.
		
		
			
				
					
						
							The Name field specifies the name of the volume.
						
					
					
						
							The Device_Path specifies the full path to the volume, including the device on which it resides.
						
					
					
						
							The File_System_Type field specifies the name of the file system which is used on the volume.
						
					
					
						
							The Total_Allocation_Units field specifies the total number of allocation units available on the volume.
						
					
					
						
							The Sectors_Per_Allocation_Unit field specifies the number of disk sectors used for each allocation unit on the volume.
						
					
					
						
							The Bytes_Per_Sector field specifies the number of bytes allocated for each sector of the volume.
						
					
					
						
							The Actual_Available_Allocation_Units field specifies the number of allocation units, or clusters, available on the volume.
						
					
					
						
							The Creation_Time field specifies the date/time that the volume was created.
						
					
					
						
							The File_System_Flag_List field specifies the particular flags set for the volume by the file system which is used on the volume.
						
					
					
						
							The Serial_Number field specifies the serial number of the volume.
						
					
				
				
					
						The is_mounted field specifies whether the volume is mounted.
					
				
			
		
	
	
		
			The VolumeOptionsType type specifies the particular options set for the volume. This is an abstract type since volume options are OS-specific, and is extended by the related OS-specific CybOX volume objects.
		
	
	
		
			The FileSystemFlagListType is a listing of the flags specified for the volume by the file system.
		
		
			
				
					The File_System_Flag field specifies a particular flag used on the volume by the file system.
				
			
		
	
	
		
			VolumeFileSystemFlagType specifies file system flags, via a union of the VolumeFileSystemFlagEnum type and the atomic xs:string type. Its base type is the CybOX Core BaseObjectPropertyType, for permitting complex (i.e. regular-expression based) specifications.
		
		
			
				
					
				
				
					
						This attribute is optional and specifies the expected type for the value of the specified property.
					
				
			
		
	
	
		
			The FileSystemFlagEnum type is an enumeration of flags used by file systems on volumes, especially those on Windows Operating Systems. See http://msdn.microsoft.com/en-us/library/windows/desktop/aa364993(v=vs.85).aspx and http://msdn.microsoft.com/en-us/library/cc232101(v=prot.13).aspx for more information.
		
		
			
				
					
						
							Indicates that the specified volume supports case-sensitive file names. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x00000001.
						
					
					
						
							Indicates that the specified volume supports preserved case of file names when it places a name on disk. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x00000002.
						
					
					
						
							Indicates that the specified volume supports preserved case of file names when it places a name on disk. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x00000004.
						
					
					
						
							Indicates that the specified volume preserves and enforces access control lists (ACL). For example, the NTFS file system preserves and enforces ACLs, and the FAT file system does not. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x00000008.
						
					
					
						
							Indicates that the specified volume supports file-based compression. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x00000010.
						
					
					
						
							Indicates that the specified volume supports disk quotas. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x00000020.
						
					
					
						
							Indicates that the specified volume supports sparse files. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x00000040.
						
					
					
						
							Indicates that the specified volume supports re-parse points. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x00000080.
						
					
					
						
							Indicates that the specified volume supports remote storage. This is not listed with a lpFileSystemFlags value in documentation, but corresponds to the FileSystemAttributes value 0x00000100.
						
					
					
						
							Indicates that the specified volume is a compressed volume, for example, a DoubleSpace volume. This flag is incompatible with the FILE_FILE_COMPRESSION flag. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x00008000.
						
					
					
						
							Indicates that the specified volume supports object identifiers. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x00010000.
						
					
					
						
							Indicates that the specified volume supports encryption. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x00020000.
						
					
					
						
							Indicates that the specified volume supports named streams. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x00040000.
						
					
					
						
							Indicates that the specified volume is read-only. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x00080000.
						
					
					
						
							Indicates that the specified volume supports a single sequential write. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x00100000.
						
					
					
						
							Indicates that the specified volume supports transactions. For more information about transactions, see http://msdn.microsoft.com/en-us/library/windows/desktop/aa365993(v=vs.85).aspx. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x00200000.
						
					
					
						
							Indicates that the specified volume supports hard links. For more information about hard links, see http://msdn.microsoft.com/en-us/library/windows/desktop/aa365006(v=vs.85).aspx. Note that hard links are DIFFERENT from symbolic links. This value is ONLY supported for Windows Server 2008 R2 and Windows 7 and later. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x00400000.
						
					
					
						
							Indicates that the specified volume supports extended attributes. An extended attribute is a piece of application-specific metadata that an application can associate with a file and is not part of the file's data. This value is ONLY supported for Windows Server 2008 R2 and Windows 7 and later. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x00800000.
						
					
					
						
							Indicates that the specified volume supports open by FileID. For more information about open by FileID, see http://msdn.microsoft.com/en-us/library/windows/desktop/aa364226(v=vs.85).aspx. This value is ONLY supported for Windows Server 2008 R2 and Windows 7 and later. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x01000000.
						
					
					
						
							Indicates that the specified volume supports unique service number (USN) journals. For more information about USN journals, see http://msdn.microsoft.com/en-us/library/windows/desktop/aa363803(v=vs.85).aspx. This value is ONLY supported for Windows Server 2008 R2 and Windows 7 and later. This corresponds to the lpFileSystemFlags and FileSystemAttributes value 0x02000000.
						
					
					
						
							Indicates that the specified volume supports integrity streams. Currently, this value is ONLY available for ReFS and Windows 8 Beta. This corresponds to the FileSystemAttributes value 0x04000000.