Knogin
[Developers]

Entity Map Domain

During a financial crime investigation, an analyst needs to explain to a senior officer how a network of shell companies connects a suspect director to three overseas accounts. A static report struggles to convey that st

Back to All Modules
Category: Api DomainsLast Updated: Feb 24, 2026
api-domains

Overview#

During a financial crime investigation, an analyst needs to explain to a senior officer how a network of shell companies connects a suspect director to three overseas accounts. A static report struggles to convey that structure. An entity map does it immediately: nodes for the suspect, the companies, and the accounts; directed edges labelled with role, jurisdiction, and transaction date. The Entity Map domain provides exactly that capability, letting analysts build named visual relationship maps from typed nodes and directed edges with arbitrary properties.

Access is controlled by organisation isolation and a four-tier secrecy level hierarchy. A UNCLASSIFIED map is shareable; a TOP SECRET map is visible only to users whose clearance permits it. This makes entity maps equally useful for open investigative analysis and for classified intelligence assessments.

Key Features#

  • Named entity map creation with typed nodes and directed edges
  • Support for multiple node types aligned to the POLE model (persons, organisations, locations, objects/vehicles)
  • Arbitrary property storage on nodes and edges via JSONB for flexible metadata
  • Four-tier secrecy level hierarchy (UNCLASSIFIED through TOP SECRET)
  • RBAC clearance checks for map access control
  • Dual-database persistence with graph replication for traversal queries
  • Organisation isolation with tenant-scoped access
  • Visual graph representation for relationship analysis

Use Cases#

  1. Building visual relationship maps for investigation entities to present network structures clearly to senior analysts or courts
  2. Mapping organisational structures and hierarchies, including directorship chains and beneficial ownership networks
  3. Tracking relationships between persons, locations, and vehicles across complex investigations
  4. Creating classified entity maps with secrecy level controls for intelligence assessments that cannot be shared broadly

Industry Context#

Organised crime units in national police services use entity maps to present criminal network structures to prosecutors. Defence intelligence analysts build classified maps of adversary command hierarchies. Financial regulators diagram beneficial ownership chains to identify undisclosed controllers. Counter-terrorism teams map known associates, travel patterns, and communications nodes for threat assessment briefings.

Integration#

Integrates with entity management and investigation domains. Supports dual-database writes for transactional persistence (PostgreSQL) and graph-based relationship traversal (Neo4j).

Open Standards#

  • GraphQL (June 2018 specification): all entity map queries and mutations are exposed through a typed GraphQL API, with nodes and edges modelled as first-class GraphQL types.
  • POLE Model (Persons, Objects, Locations, Events): node categories align to the POLE intelligence data model used by law enforcement and national policing bodies to classify investigation entities.
  • Traffic Light Protocol (TLP): entity map secrecy levels include TLP:WHITE, TLP:GREEN, TLP:AMBER, and TLP:RED, controlling sharing permissions in line with the FIRST.org TLP standard.
  • EU Council Decision 2013/488/EU: the EU classification hierarchy (EU RESTRICTED through EU TOP SECRET) is implemented as first-class secrecy levels on entity maps for multi-national community-of-interest data sharing.
  • NATO Security Policy C-M(2002)49: NATO classification markings (NATO RESTRICTED, COSMIC CONFIDENTIAL, COSMIC SECRET, COSMIC TOP SECRET) are supported as secrecy levels for allied intelligence assessments.
  • RFC 4122 (UUID): all entity map, node, and edge identifiers are generated as RFC 4122 version-4 UUIDs, ensuring globally unique and portable record references.
  • ISO 8601: creation and update timestamps are serialised in ISO 8601 format for interoperability with external analysis tools and audit consumers.
  • RFC 8259 (JSON): node and edge property payloads are stored and exchanged as standard JSON, enabling arbitrary metadata attachment without schema migration.

Last Reviewed: 2026-02-24 Last Updated: 2026-04-14

Ready to Build?

Get started with our APIs or contact our integration team for support.