|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectde.fhhannover.inform.trust.ifmapj.metadata.StandardIfmapMetadataFactoryImpl
public class StandardIfmapMetadataFactoryImpl
Simple implementation of the StandardIfmapMetadataFactory
interface.
Constructor Summary | |
---|---|
StandardIfmapMetadataFactoryImpl()
|
Method Summary | |
---|---|
Document |
createArDev()
Create a Document representing access-request-device metadata. |
Document |
createArIp()
Create a Document representing access-request-ip metadata. |
Document |
createArMac()
Create a Document representing access-request-mac metadata. |
Document |
createAuthAs()
Create a Document representing authenticated-as metadata. |
Document |
createAuthBy()
Create a Document representing authenticated-by metadata. |
Document |
createCapability(String name)
Create a Document representing capability metadata. |
Document |
createCapability(String name,
String administrativeDomain)
Create a Document representing capability metadata. |
Document |
createDevAttr(String name)
Create a Document representing device-attribute metadata. |
Document |
createDevChar(String manufacturer,
String model,
String os,
String osVersion,
String deviceType,
String discoveredTime,
String discovererId,
String discoveryMethod)
Create a Document representing device-characteristic metadata. |
Document |
createDevIp()
Create a Document representing device-ip metadata. |
Document |
createDiscoveredBy()
Create a Document representing discovered-by metadata. |
Document |
createEnforcementReport(EnforcementAction enforcementAction,
String otherTypeDefinition,
String enforcementReason)
Create a Document representing enforcement-report metadata. |
Document |
createEvent(String name,
String discoveredTime,
String discovererId,
Integer magnitude,
Integer confidence,
Significance significance,
EventType type,
String otherTypeDefinition,
String information,
String vulnerabilityUri)
Create a Document representing event metadata. |
Document |
createIpMac()
Create a Document representing ip-mac metadata. |
Document |
createIpMac(String startTime,
String endTime,
String dhcpServer)
Create a Document representing ip-mac metadata based on the given
parameters. |
Document |
createLayer2Information(Integer vlanNum,
String vlanName,
Integer port,
String administrativeDomain)
Create a Document representing layer2-information metadata. |
Document |
createLocation(List<LocationInformation> locationInformation,
String discoveredTime,
String discovererId)
Create a Document representing location metadata. |
Document |
createRequestForInvestigation(String qualifier)
Create a Document representing request-for-investigation metadata. |
Document |
createRole(String name)
Create a Document representing role metadata. |
Document |
createRole(String name,
String administrativeDomain)
Create a Document representing role metadata. |
Document |
createUnexpectedBehavior(String discoveredTime,
String discovererId,
Integer magnitude,
Integer confidence,
Significance significance,
String type)
Create a Document representing unexpected-behavior metadata. |
Document |
createWlanInformation(String ssid,
List<WlanSecurityType> ssidUnicastSecurity,
WlanSecurityType ssidGroupSecurity,
List<WlanSecurityType> ssidManagementSecurity)
Create a Document representing wlan-information metadata. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public StandardIfmapMetadataFactoryImpl()
Method Detail |
---|
public Document createIpMac(String startTime, String endTime, String dhcpServer)
StandardIfmapMetadataFactory
Document
representing ip-mac metadata based on the given
parameters.
ip-mac is link metadata that associates an ip-address identifier with a mac-address identifier and which includes optional DHCP lease information
createIpMac
in interface StandardIfmapMetadataFactory
startTime
- the start-time value or nullendTime
- the end-time value or nulldhcpServer
- the dhcp-server value or null
Document
that represents the metadatapublic Document createIpMac()
StandardIfmapMetadataFactory
Document
representing ip-mac metadata.
ip-mac is link metadata that associates an ip-address identifier with a mac-address identifier and which includes optional DHCP lease information
createIpMac
in interface StandardIfmapMetadataFactory
Document
that represents the metadatapublic Document createArMac()
StandardIfmapMetadataFactory
Document
representing access-request-mac metadata.
access-request-mac is link metadata that associates an access-request identifier with a mac-address identifier
createArMac
in interface StandardIfmapMetadataFactory
Document
that represents the metadatapublic Document createArDev()
StandardIfmapMetadataFactory
Document
representing access-request-device metadata.
access-request-device is link metadata that associates an access-request identifier with a device identifier
createArDev
in interface StandardIfmapMetadataFactory
Document
that represents the metadatapublic Document createArIp()
StandardIfmapMetadataFactory
Document
representing access-request-ip metadata.
access-request-ip is link metadata that associates an access-request identifier with an ip-address identifier
createArIp
in interface StandardIfmapMetadataFactory
Document
that represents the metadatapublic Document createAuthAs()
StandardIfmapMetadataFactory
Document
representing authenticated-as metadata.
authenticated-as is link metadata that associates an access-request identifier with an identity identifier
createAuthAs
in interface StandardIfmapMetadataFactory
Document
that represents the metadatapublic Document createAuthBy()
StandardIfmapMetadataFactory
Document
representing authenticated-by metadata.
authenticated-by is link metadata that associates an access-request identifier with the device identifier of the PDP that authenticated the access-request
createAuthBy
in interface StandardIfmapMetadataFactory
Document
that represents the metadatapublic Document createDevIp()
StandardIfmapMetadataFactory
Document
representing device-ip metadata.
device-ip is link metadata that associates a device identifier of a PDP with an IP address which it has authenticated
createDevIp
in interface StandardIfmapMetadataFactory
Document
that represents the metadatapublic Document createDiscoveredBy()
StandardIfmapMetadataFactory
Document
representing discovered-by metadata.
discovered-by is link metadata that associates an ip-address or mac-address identifier of an endpoint with the device identifier of a MAP Client that has noticed the endpoint on the network
createDiscoveredBy
in interface StandardIfmapMetadataFactory
Document
that represents the metadatapublic Document createRole(String name, String administrativeDomain)
StandardIfmapMetadataFactory
Document
representing role metadata.
role is link metadata that associates an access-request identifier with an identity identifier and which names collections of privileges associated with the end-user
createRole
in interface StandardIfmapMetadataFactory
name
- the name of the roleadministrativeDomain
- the administrative-domain or null
Document
that represents the metadatapublic Document createRole(String name)
StandardIfmapMetadataFactory
Document
representing role metadata.
role is link metadata that associates an access-request identifier with an identity identifier and which names collections of privileges associated with the end-user
createRole
in interface StandardIfmapMetadataFactory
Document
that represents the metadatapublic Document createDevAttr(String name)
StandardIfmapMetadataFactory
Document
representing device-attribute metadata.
device-attribute is link metadata that associates an access-request identifier with a device identifier and which includes information about the device such as its health
createDevAttr
in interface StandardIfmapMetadataFactory
name
- the name of the attribute
Document
that represents the metadatapublic Document createCapability(String name, String administrativeDomain)
StandardIfmapMetadataFactory
Document
representing capability metadata.
capability metadata refers to a collection of privileges assigned to an endpoint as a result of an access request.
createCapability
in interface StandardIfmapMetadataFactory
name
- the name of the capabilityadministrativeDomain
- the administrative-domain or null
Document
that represents the metadatapublic Document createCapability(String name)
StandardIfmapMetadataFactory
Document
representing capability metadata.
capability metadata refers to a collection of privileges assigned to an endpoint as a result of an access request.
createCapability
in interface StandardIfmapMetadataFactory
name
- the name of the capability
Document
that represents the metadatapublic Document createDevChar(String manufacturer, String model, String os, String osVersion, String deviceType, String discoveredTime, String discovererId, String discoveryMethod)
StandardIfmapMetadataFactory
Document
representing device-characteristic metadata.
device-characteristic is metadata assigned to a specific endpoint by a MAP Client (usually a PDP or Sensor) to reflect an inherent characteristic of that endpoint, such as its manufacturer or what operating system it is running, along with what element discovered the information and what method of discovery was used.
createDevChar
in interface StandardIfmapMetadataFactory
manufacturer
- the manufacturer of the endpointmodel
- the model of the endpointos
- the operating system of the endpointosVersion
- the version of the endpoint's operating systemdeviceType
- the type of the endpointdiscoveredTime
- (mandatory) the time at which this
device-characteristic was first detecteddiscovererId
- (mandatory)discoveryMethod
- (mandatory) the element that discovered the characteristic
Document
that represents the metadatapublic Document createEnforcementReport(EnforcementAction enforcementAction, String otherTypeDefinition, String enforcementReason)
StandardIfmapMetadataFactory
Document
representing enforcement-report metadata.
enforcement-report metadata is attached to a link to associate a specific mac-address identifier or ip-address identifier with a specific device identifier representing a PEP or Flow Controller. A Flow controller may create the association when it takes enforcement action against an endpoint. A PDP may create the association when it instructs a PEP to take enforcement action against an endpoint.
createEnforcementReport
in interface StandardIfmapMetadataFactory
enforcementAction
- the enforcement action that should be takenotherTypeDefinition
- this must not be null if action is
EnforcementAction.block
enforcementReason
- the reason of the enforcement
Document
that represents the metadatapublic Document createEvent(String name, String discoveredTime, String discovererId, Integer magnitude, Integer confidence, Significance significance, EventType type, String otherTypeDefinition, String information, String vulnerabilityUri)
StandardIfmapMetadataFactory
Document
representing event metadata.
event metadata refers to activity of interest detected on the network. Examples include network traffic that matches the profile of a virus attack, excessive network traffic originating from a particular endpoint, and the use of a specific protocol such as an Instant Messaging protocol.
createEvent
in interface StandardIfmapMetadataFactory
name
- the name of the eventdiscoveredTime
- the time it was discovereddiscovererId
- the entity that discovered the eventmagnitude
- must be between 0 and 100confidence
- must be between 0 and 100significance
- the significance of the eventtype
- the type of the eventotherTypeDefinition
- must not be null if type is EventType.other
information
- a human readable String
containgin further informationvulnerabilityUri
- must not be null if event is of type EventType.cve
Document
that represents the metadatapublic Document createLayer2Information(Integer vlanNum, String vlanName, Integer port, String administrativeDomain)
StandardIfmapMetadataFactory
Document
representing layer2-information metadata.
layer2-information is attached to a link between an access-request and the device identifier of the PEP through which access is occurring. layer2-information includes vlan, which specifies the VLAN assigned to the access request; port, which specifies the port on the layer 2 PEP that the access-request originates from; and an optional administrative-domain, which may be used to distinguish between two instances of the same VLAN number in different parts of a network.
createLayer2Information
in interface StandardIfmapMetadataFactory
vlanNum
- the ID of the VLANvlanName
- the name of the VLANport
- the port numberadministrativeDomain
- the administrative domain (may be null)
Document
that represents the metadatapublic Document createLocation(List<LocationInformation> locationInformation, String discoveredTime, String discovererId)
StandardIfmapMetadataFactory
Document
representing location metadata.
The location metadata element represents a named region of space – usually a region with security import. The region may be contiguous or discontiguous and may have any shape and boundaries as defined by an organization.
createLocation
in interface StandardIfmapMetadataFactory
locationInformation
- list of all location information elementsdiscoveredTime
- the time the location information was discovereddiscovererId
- the entity that discovered the location information
Document
that represents the metadatapublic Document createRequestForInvestigation(String qualifier)
StandardIfmapMetadataFactory
Document
representing request-for-investigation metadata.
request-for-investigation metadata indicates that specified device, which may be a PDP or other MAP Client, wants Sensors to publish device-characteristic metadata about the specified MAC or IP address.
createRequestForInvestigation
in interface StandardIfmapMetadataFactory
qualifier
- indicate what type of investigation should be done
Document
that represents the metadatapublic Document createWlanInformation(String ssid, List<WlanSecurityType> ssidUnicastSecurity, WlanSecurityType ssidGroupSecurity, List<WlanSecurityType> ssidManagementSecurity)
StandardIfmapMetadataFactory
Document
representing wlan-information metadata.
wlan-information is attached to a link to associate a specific access-request identifier with a specific device identifier representing the PEP through which access is occurring.
createWlanInformation
in interface StandardIfmapMetadataFactory
ssidUnicastSecurity
- the unicast securityssidGroupSecurity
- the group securityssidManagementSecurity
- the management security
Document
that represents the metadatapublic Document createUnexpectedBehavior(String discoveredTime, String discovererId, Integer magnitude, Integer confidence, Significance significance, String type)
StandardIfmapMetadataFactory
Document
representing unexpected-behavior metadata.
Unexpected-behavior metadata indicates that an endpoint is behaving in an unauthorized or unexpected manner (e.g. an endpoint previously profiled as a printer that starts sending non-print-related traffic).
createUnexpectedBehavior
in interface StandardIfmapMetadataFactory
discoveredTime
- the time it was discovereddiscovererId
- the entity that discovered itmagnitude
- element indicates how severe the effects of the activity
are. Ranges from 0 to 100.confidence
- indicates how confident the MAP Client that published
the metadata is that it accurately describes the activity of
interest. Ranges from 0 to 100.significance
- indicates how important the unexpected behavior istype
- machine consumable String
indicating the nature of
the unexpected behavior
Document
that represents the metadata
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |