-
Notifications
You must be signed in to change notification settings - Fork 7
TC API
The TC API is a generic API for retrieving TC info and Team info. There are 7 central trust circles, one for each data type, that are populated with the CSPs (Teams) that should receive data of a specific type. The naming convention of these circles is:
- CTC::CSP_ALL
- CTC::SHARING_DATA_THREAT
- CTC::SHARING_DATA_EVENT
- CTC::SHARING_DATA_VULNERABILITY
- CTC::SHARING_DATA_ARTEFACT
- CTC::SHARING_DATA_INCIDENT
- CTC::SHARING_DATA_CONTACT
- CTC::SHARING_DATA_FILE
- CTC::SHARING_DATA_CHAT
To share a data type, do the following:
- Ask for the team IDs from the relevant CTC based on the naming convention
- Ask for the team details for each team
- Get the CSP IDs and CSP endpoints and use them to send the data to those CSPs
The TC application itself needs to use the integration layer to distribute the trust circles to all the other CSPs. This is an operation that is done by the central node operator, for example, ENISA. When you get a TrustCircle data type you need to send it to all CSPs, thus you query the CTC::CSP_ALL trust circle. This data type needs not to be indexed in Elastic, thus for this data type place an exception to the rule in DDL (do not index it but only forward it to DCL). The principal application for this data type is, of course, the trust circle implementation and no other application is expected to handle this data type (DSL routes).