Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Next »

Steps:

  1. The universal typology processor has already been developed and implemented in Actio as a standard feature of the Actio evaluation pipeline (see: Typology Processing)

    1. The typology processor will have a unique ID

    2. The typology processor will have a unique version

    3. Future Enhancement: Currently, the typology processor itself will be updated through a development and change control process to deploy new code. For the Network Map to completely control the routing of a transaction through the pipeline, the typology processor itself should be defined in the Network Map.

  2. Create the typology configuration (see: https://lextego.atlassian.net/wiki/spaces/ACTIO/pages/432636006/Typology+Processing#5.5.-Read-typology-expression)

    1. The typology configuration will include the rule results scoring table: the result for each rule (or each set of the sub-rules), which will be either TRUE or FALSE, must be associated with an integer between 0 and 100

    2. The typology configuration will include the typology expression

    3. If the rule processors for the typology are still to be deployed, the typology configuration could be missing or empty. When the typology processor is called on to execute the typology configuration, the typology processor will identify that no rules are in scope and no expression exists and then automatically complete the typology with a score of 0 (zero).

  3. Connect the typology

    1. Prerequisite: The typology processor must exist and be deployed to the platform.

    2. Prerequisite: A typology must be associated with an existing channel. If the channel for a typology has not yet been created, the channel must be created before the typology can be connected. (There are cascading dependencies for the transaction definition to also exist, though this is a direct prerequisite for the channel.)

    3. Future enhancement: Update the channel configuration (see: https://lextego.atlassian.net/wiki/spaces/ACTIO/pages/539885863/Channel+Aggregation+and+Decisioning#6.4.-Read-channel-configuration)

      1. Optional: The typology may be added to the “proceed” set of typologies in the channel configuration, if “no action” typology result, combined with “no action” typology results from other typologies in the “proceed” set, would trigger a “proceed” instruction to the client system.

    4. Update the Network Map (see: https://lextego.atlassian.net/wiki/spaces/ACTIO/pages/563052560/Channel+Router+and+Setup+Processor#3.1.-Read-Network-Map)

      1. The new typology must be linked to the channel within which it is to be executed by adding the typology to the transactions.channels.typologies object under the channel in the Network Map.

      2. The new typology must be described in the network map with the following information:

"typology_processor_id": "UUIDv4",
"typology_name": "Typology_29.1.0",
"typology_description": "False promotions, phishing, or social engineering scams"
"typology_processor_version": "1.0",
"typology_config_version": "1.0",

Reminder: nothing in there looks the way it does at the moment. Currently, the typology definition is as follows:

                "typology_id": "Typology_29.1.0",
                "typology_name": "Typology_29",
                "typology_version": "1.0",
                "rules": [

Some changes will be required at some point:

The typology_id relates to… what? And how is it used?

Regardless, the typology_id should reflect the ID of the specific typology processor that will be invoked for this instance of the network map. To be more specific, the typology_id should be renamed to the typology_processor_id. There may, at some future point, be multiple typology processors active in an Actio implementation for different scoring or monitoring schemes. Typology processors with arbitrarily different themes may then have a different ID, after which iterations or versions of a specific typology processor “theme” (hence, ID), will have separate version progression.

typology_name is fine, and refers to the name of the typology as a descriptor for the typology configuration used to compose the rules into a typology score.

typology_version by itself is largely insufficient, since a typology processor may have a version, and a typology config may also have a (possibly separate) version. The current typology_version describes the version of the typology configuration that is being used, and should be renamed to the typology_configuration_version. Yes, we have been referring to the typology configuration as the typology expression, but this is probably overly specific (and not technically accurate), so we should relabel expression to configuration to be more consistent with the configuration artefacts in the rest of the evaluation pipeline.

In addition to the typology_configuration_version, we will also need a new typology_processor_version to account for versioning of the typology processor itself.

Another proposed new field will be the typology description to add some legibility to the Network Map for users and configurers.

  • No labels