Add Redaction processor configuration abstraction

StephenOTT commented 5 years ago

Add a class abstraction around which "processor" is used for a @Redacted annotation. Process a per annotation configuration as well as a global configuration.

Allowing each property to have specific redaction configurations if needed (similar to how jackson has per property serialization classes if needed)

packet-rat commented 5 years ago

Any thoughts to adding a Tokenization vs. Redaction capability? I can elaborate if neccesary.

StephenOTT commented 5 years ago

Yes please elaborate.

StephenOTT commented 5 years ago

to build: more to the elaboration I need is if the tokenization is meaningful in some way or if its just a replacement scheme to replace the redacted content with a "token". If it is the replace scenario, then we have something similar to this with the "mask" feature

see the created field:

{
  "type": "bundle",
  "id": "bundle--3d6bdcdd-2137-4e97-a8a4-8020dd30bc8d",
  "spec_version": "2.0",
  "objects": [
    {
      "type": "attack-pattern",
      "id": "attack-pattern--0f4d3058-f4de-4743-ae4c-988645309d92",
      "created_by_ref": "identity--__REDACTED__",
      "created": "██REDACTED██",
      "modified": "2018-12-19T20:49:06.403Z",
      "revoked": false,
      "name": "some Attack Pattern"
    }
  ]
}

If you are talking about tokens that can then be mapped back to original values, then I need to understand more of the use case, and why the consumer would be getting the token representations rather than the original.

StephenOTT / STIX-Java

Add Redaction processor configuration abstraction #50