Open Checklist Interactive Language (OCIL)
The Open Checklist Interactive Language (OCIL) defines a framework for expressing a set of questions to be presented to a user and corresponding procedures to interpret responses to these questions. Although the OCIL specification was developed for use with IT security checklists, the uses of OCIL are by no means confined to IT security. Other possible use cases include research surveys, academic course exams, and instructional walkthroughs.
In IT security, organizations work with security policies that detail the information that needs to be secured and the security requirements that must be met to ensure the information is protected accordingly. To verify compliance with security requirements, Federal agencies have already implemented security technologies that support the Security Content Automation Protocol (SCAP). OCIL is considered an emerging specification, so it is not currently included in SCAP. However, OCIL can still be used in conjunction with SCAP specifications such as XCCDF to help handle cases where lower-level checking languages such as OVAL are unable to automate a particular check. In short, OCIL provides a standardized approach to express and evaluate non-automated (i.e., manual) security checks.
OCIL provides the conceptual framework for representing non-automatable questions. The following list defines the features supported by OCIL:
- Ability to define questions (of type Boolean, Choice, Numeric, or String)
- Ability to define possible answers to a question from which the user can choose
- Ability to define actions to be taken resulting from a user's answer
- Ability to enumerate the result set
The OCIL Discussion List is available for developers interested in OCIL. Please subscribe to this list through the SCAP Community page.
OCIL Resources
Specification:
NISTIR 7692
XML Schema Files: [what is a schema?]
OCIL 2.0 Schema (XSD 1.0)
XML Schema Files: [what is a schema?]
OCIL Schema (XSD 1.0)
Sample Files:
General-Mitre-OCIL-1.xml
scap-win2000-OCIL.xml
Documentation:
OCIL Language Specification
OCIL Schema Element Dictionary
OCIL Changelog
XML Schema Files: [what is a schema?]
OCIL Schema (XSD 1.0)
Sample Files:
General-Mitre-OCIL-1.xml
scap-win2000-OCIL.xml
Documentation:
OCIL Language Specification
OCIL Schema Element Dictionary
OCIL Changelog
OCIL Interpreter
The OCIL Interpreter is a standalone Java GUI implementation that demonstrates how an interactive schema document can be evaluated. It guides the end user in completing questionnaires (one question at a time), viewing and computing results.
OCIL Interpreter Resources
Download:
Download Page
Project Page