OCSF.Classification (OCSF v0.1.0)

Data class taxonomy for PII classification.

Every field in an OCSF nested object struct is tagged with a data class via __ocsf_fields__/0. Sink policies use these classes to decide which fields to allow, deny, or transform during redaction.

Data classes

Class	PII?	Default policy
`:identifier`	No	`:allow`
`:tenant`	No	`:allow`
`:taxonomic`	No	`:allow`
`:temporal`	No	`:allow`
`:contact`	Yes	`:deny`
`:identity`	Yes	`:deny`
`:network`	No	`:deny`
`:geolocation`	No	`:deny`
`:credential`	Yes	`:deny`

See OCSF.User, OCSF.Organization, and other struct modules for per-field classification via __ocsf_fields__/0.

Summary

Types

data_class()

Functions

data_classes()

Return all valid data classes.

default_policy(atom)

Return the default sink policy for a data class.

pii?(arg1)

Return true if the class is classified as PII by default.

Types

data_class()

@type data_class() ::
  :identifier
  | :tenant
  | :taxonomic
  | :temporal
  | :contact
  | :identity
  | :network
  | :geolocation
  | :credential

Functions

data_classes()

@spec data_classes() :: [data_class()]

Return all valid data classes.

Examples

iex> OCSF.Classification.data_classes()
[:identifier, :tenant, :taxonomic, :temporal, :contact, :identity, :network, :geolocation, :credential]

default_policy(atom)

@spec default_policy(data_class()) :: :allow | :deny

Return the default sink policy for a data class.

Non-sensitive classes default to :allow; sensitive classes default to :deny.

Examples

iex> OCSF.Classification.default_policy(:identifier)
:allow

iex> OCSF.Classification.default_policy(:contact)
:deny

pii?(arg1)

@spec pii?(data_class()) :: boolean()

Return true if the class is classified as PII by default.

The PII classes are :contact, :identity, and :credential.

Examples

iex> OCSF.Classification.pii?(:contact)
true

iex> OCSF.Classification.pii?(:identity)
true

iex> OCSF.Classification.pii?(:identifier)
false