Using DITA to Create Security Configuration Checklists
Many software tools use security configuration checklists expressed in the Extensible Configuration Checklist Description Format (XCCDF) to monitor computers and other information technology products for compliance with security policies. But XCCDF syntax is checklist author-unfriendly. And complex relationships and dependencies between and among checklist rules, checking instructions, and software platforms make it difficult to reuse or repurpose existing XCCDF content in new checklists. The Darwin Information Typing Architecture (DITA) can tame XCCDF syntax and facilitate content management and reuse. A case study comparing the use of specialization and other DITA features with a currently- deployed ad hoc XCCDF authoring system demonstrates the DITA approach's advantages.
Using DITA to Create Security Configuration Checklists, Balisage Series on Markup Technologies, Washington, DC, [online], https://doi.org/10.4242/BalisageVol19.Lubell01
(Accessed September 30, 2023)