
Security Extension Domain

Category: API Domains | Last Updated: Feb 5, 2026
Tags: api-domains, compliance, blockchain

Overview

A detective working a sensitive counter-terrorism case needs access to a classified profile, but the standard role check is not enough: the platform must also verify her clearance level, confirm she is assigned to that case, and check that her current device context meets the organisation's security policy. The Security Extension domain handles that more complex access decision through policy-based evaluation of user attributes, resource properties, and environmental signals. The same module records every access to evidence using a cryptographic proof chain, so that months later in court, the chain of custody is mathematically verifiable. When data must be shared with a partner agency for collaborative analysis, pseudonymisation replaces identifying fields with reversible tokens, protecting source identities without blocking analytical work.

Key Features

  • Policy-Based Access Control: Define and enforce granular access policies based on user attributes, resource properties, and environmental context, going beyond simple role-based permissions to support complex organisational security requirements.

  • Risk-Adaptive Scoring: Continuously assess access risk based on behavioural patterns, device context, and environmental signals to dynamically adjust security requirements and flag anomalous activity.

  • Privacy-Preserving Analytics: Run analytical queries across sensitive datasets while maintaining individual privacy protections, enabling organisations to derive insights without exposing personal information.

  • Evidence Integrity Verification: Verify that evidence has not been tampered with using cryptographic proof chains, providing court-admissible assurance of evidence authenticity from collection through presentation.

  • Data Pseudonymisation: Replace identifying information with pseudonyms for analysis and sharing scenarios, enabling collaboration and investigation without unnecessary exposure of personal data.

  • Attribute Management: Manage the security attributes associated with users, resources, and environmental conditions that drive access control decisions and risk scoring.

Use Cases

Advanced policy-based access control and privacy-preserving capabilities matter most in high-classification, multi-agency, or heavily regulated environments. Relevant industries include law enforcement and intelligence, defence, and healthcare.

  • Sensitive Case Access: Restrict access to sensitive investigations based on user clearance level, assigned role, case classification, and need-to-know criteria that go beyond basic role checks.

  • Evidence Chain of Custody: Maintain a cryptographically verifiable record of every access and modification to evidence items, supporting legal admissibility requirements.

  • Cross-Agency Data Sharing: Share investigative data with partner agencies using pseudonymisation to protect source identities while enabling analytical collaboration.

  • Compliance Enforcement: Implement security policies that satisfy regulatory frameworks with automated policy evaluation and comprehensive audit documentation.

Integration

The Security Extension domain enhances security across the platform:

  • Core Security: Extends the base security domain with advanced access control and privacy capabilities
  • Evidence Management: Integrity verification integrates with evidence lifecycle workflows
  • Investigation Management: Access policies govern investigation visibility and actions
  • Audit and Compliance: Policy evaluations and access decisions are logged for compliance reporting

Open Standards

  • RFC 6962 (Certificate Transparency): The evidence Merkle ledger applies the RFC 6962 domain-separation prefix tags to distinguish leaf hashes from internal-node hashes, closing the class of second-preimage collisions between a leaf and an internal node when building and verifying cryptographic proof chains.

  • FIPS 180-4 / SHA-256: All Merkle tree hashes, policy bundle fingerprints, HMAC signatures on anchor records, and pseudonymisation reverse-lookup keys are computed with SHA-256, in line with the NIST Secure Hash Standard.

  • RFC 2104 / HMAC-SHA-256: Merkle root anchor records written to object storage are signed with HMAC-SHA-256 so external auditors and courts can detect tampering of anchored evidence after the fact.
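The three items above describe one ledger: SHA-256 leaves and nodes with RFC 6962 prefix tags, an inclusion proof that a court or auditor can recheck, and an HMAC-SHA-256 anchor record for the root. The following is an added example written for this page, not the platform's own ledger code; the event payloads, the anchor key and the record layout are constructed for illustration. The verification routine follows the RFC 6962 / RFC 9162 audit-path algorithm, and `domain_separation_holds` shows why the prefix tags matter: without them, the concatenation of two child hashes would hash to the same value as the internal node above them.

```python
import hashlib
import hmac
import json

# RFC 6962 section 2.1 domain-separation tags. A leaf hash and an internal-node
# hash over the same bytes can never be equal, so two concatenated child hashes
# cannot be passed off as a legitimate leaf.
LEAF_PREFIX = b"\x00"
NODE_PREFIX = b"\x01"


def hash_leaf(data: bytes) -> bytes:
    return hashlib.sha256(LEAF_PREFIX + data).digest()


def hash_node(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(NODE_PREFIX + left + right).digest()


def _split_point(n: int) -> int:
    """Largest power of two strictly less than n (the RFC 6962 tree shape)."""
    k = 1
    while k * 2 < n:
        k *= 2
    return k


def merkle_root(leaves: list) -> bytes:
    if not leaves:
        return hashlib.sha256(b"").digest()  # RFC 6962: hash of the empty tree
    if len(leaves) == 1:
        return hash_leaf(leaves[0])
    k = _split_point(len(leaves))
    return hash_node(merkle_root(leaves[:k]), merkle_root(leaves[k:]))


def inclusion_proof(leaves: list, index: int) -> list:
    """Audit path for leaf `index`: sibling hashes from the leaf level upward."""
    n = len(leaves)
    if n <= 1:
        return []
    k = _split_point(n)
    if index < k:
        return inclusion_proof(leaves[:k], index) + [merkle_root(leaves[k:])]
    return inclusion_proof(leaves[k:], index - k) + [merkle_root(leaves[:k])]


def verify_inclusion(leaf: bytes, index: int, tree_size: int,
                     proof: list, root: bytes) -> bool:
    """Recompute the root from a leaf and its audit path (RFC 9162 s2.1.3.2)."""
    if index >= tree_size:
        return False
    fn, sn = index, tree_size - 1
    r = hash_leaf(leaf)
    for p in proof:
        if sn == 0:
            return False  # more path elements than the tree can have
        if fn & 1 or fn == sn:
            r = hash_node(p, r)
            if not fn & 1:
                while fn != 0 and not fn & 1:
                    fn >>= 1
                    sn >>= 1
        else:
            r = hash_node(r, p)
        fn >>= 1
        sn >>= 1
    return sn == 0 and r == root


def domain_separation_holds(left: bytes, right: bytes) -> bool:
    """The property the prefix tags buy: left||right hashed as a leaf differs
    from the internal node over (left, right). An unprefixed tree would make
    the two identical."""
    return hash_leaf(left + right) != hash_node(left, right)


def make_anchor(key: bytes, tree_size: int, root: bytes, anchored_at: str) -> dict:
    """Anchor record for object storage, signed with HMAC-SHA-256 (RFC 2104)."""
    body = {"tree_size": tree_size, "root": root.hex(), "anchored_at": anchored_at}
    canonical = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    body["hmac"] = hmac.new(key, canonical, hashlib.sha256).hexdigest()
    return body


def verify_anchor(key: bytes, record: dict) -> bool:
    body = {k: v for k, v in record.items() if k != "hmac"}
    canonical = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    expected = hmac.new(key, canonical, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, record.get("hmac", ""))


# Constructed sample: three evidence-access events (not real platform data).
EVENTS = [
    b'{"evidence":"EV-1001","actor":"det.morgan","action":"view"}',
    b'{"evidence":"EV-1001","actor":"analyst.k","action":"export"}',
    b'{"evidence":"EV-1002","actor":"det.morgan","action":"view"}',
]
ANCHOR_KEY = b"demo-anchor-key-not-for-production"  # constructed placeholder

if __name__ == "__main__":
    root = merkle_root(EVENTS)
    for i, ev in enumerate(EVENTS):
        print(i, verify_inclusion(ev, i, len(EVENTS), inclusion_proof(EVENTS, i), root))
    record = make_anchor(ANCHOR_KEY, len(EVENTS), root, "2026-02-05T00:00:00Z")
    print(json.dumps(record), verify_anchor(ANCHOR_KEY, record))
```

The anchor HMAC covers a canonical JSON serialisation (sorted keys, no whitespace) so that a reformatted but unmodified record still verifies, while any change to the tree size, root or timestamp does not; `compare_digest` keeps the tag comparison constant-time.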

  • Attribute-Based Access Control (ABAC), NIST SP 800-162: The policy evaluation engine resolves user, resource, and environmental attributes against versioned policy bundles with deny-override semantics, directly implementing the ABAC model standardised by NIST.
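As an added illustration of the ABAC model described above (this is example code written for this page, not the platform's policy engine), the block below evaluates the detective scenario from the Overview: subject, resource and environment attributes are resolved against a versioned policy bundle, applicable rules are collected, and deny-override semantics decide the outcome. The rule syntax, operator names, clearance ranks and sample attributes are all assumptions made for the example. The bundle fingerprint is a SHA-256 over the canonical bundle, as the FIPS 180-4 item above describes for policy bundles, so each decision record can be tied to the exact policy version that produced it.

```python
import hashlib
import json
import operator

# Assumed clearance ordering for the example.
CLEARANCE_RANK = {"unclassified": 0, "restricted": 1, "confidential": 2,
                  "secret": 3, "top_secret": 4}

# Condition operators: each takes (attribute value, operand).
OPS = {
    "eq": operator.eq,
    "ne": operator.ne,
    "in": lambda a, b: a in b,           # attribute is a member of operand
    "contains": lambda a, b: b in a,     # attribute (a collection) holds operand
    "rank_gte": lambda a, b: CLEARANCE_RANK[a] >= CLEARANCE_RANK[b],
}


def resolve(ctx: dict, ref: str):
    """Resolve a dotted reference such as 'subject.clearance'; None if absent."""
    cur = ctx
    for part in ref.split("."):
        if not isinstance(cur, dict) or part not in cur:
            return None
        cur = cur[part]
    return cur


def condition_holds(ctx: dict, cond: list) -> bool:
    attr, op, operand = cond
    left = resolve(ctx, attr)
    # An operand written as "@resource.case_id" refers to another attribute.
    right = resolve(ctx, operand[1:]) if isinstance(operand, str) and operand.startswith("@") else operand
    if left is None or right is None:
        return False  # a missing attribute never satisfies a condition (fail closed)
    try:
        return bool(OPS[op](left, right))
    except (TypeError, KeyError):
        return False  # unknown operator, unknown clearance label, type mismatch


def fingerprint(bundle: dict) -> str:
    """SHA-256 over the canonical JSON form of the bundle."""
    canonical = json.dumps(bundle, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(canonical).hexdigest()


def evaluate(bundle: dict, subject: dict, resource: dict, env: dict) -> dict:
    """Deny-override: any applicable deny wins; otherwise a permit is needed;
    no applicable rule at all is a deny. Returns an audit-ready decision record."""
    ctx = {"subject": subject, "resource": resource, "env": env}
    applicable = [r for r in bundle["rules"]
                  if all(condition_holds(ctx, c) for c in r["when"])]
    denies = [r["id"] for r in applicable if r["effect"] == "deny"]
    permits = [r["id"] for r in applicable if r["effect"] == "permit"]
    decision = "deny" if denies or not permits else "permit"
    return {"decision": decision, "matched": denies + permits,
            "bundle_version": bundle["version"], "bundle_fingerprint": fingerprint(bundle)}


# Constructed policy bundle for the example.
POLICY_BUNDLE = {
    "version": "2026-02-05.1",
    "rules": [
        {"id": "case-need-to-know", "effect": "permit", "when": [
            ["subject.roles", "contains", "detective"],
            ["subject.clearance", "rank_gte", "@resource.classification"],
            ["resource.case_id", "in", "@subject.assigned_cases"],
            ["env.device_managed", "eq", True],
        ]},
        {"id": "no-secret-offsite", "effect": "deny", "when": [
            ["resource.classification", "rank_gte", "secret"],
            ["env.network", "ne", "corp"],
        ]},
        {"id": "suspended-subject", "effect": "deny", "when": [
            ["subject.status", "eq", "suspended"],
        ]},
    ],
}

# Constructed sample attributes.
DETECTIVE = {"id": "det.morgan", "roles": ["detective"], "clearance": "secret",
             "assigned_cases": ["CT-42"], "status": "active"}
PROFILE = {"type": "profile", "classification": "secret", "case_id": "CT-42"}
OFFICE = {"device_managed": True, "network": "corp"}
REMOTE = {"device_managed": True, "network": "home"}

if __name__ == "__main__":
    print(evaluate(POLICY_BUNDLE, DETECTIVE, PROFILE, OFFICE))
    print(evaluate(POLICY_BUNDLE, DETECTIVE, PROFILE, REMOTE))
```

Two design points worth keeping when building on this: permit rules list positive requirements (managed device, assigned case) so that a missing attribute cannot produce a permit, and the decision record carries the matched rule ids plus the bundle fingerprint, which is what the audit and compliance integration needs to reproduce a decision later.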

  • Differential Privacy (Laplace mechanism, NIST SP 800-226): Privacy-preserving analytics use the Laplace mechanism with configurable epsilon and per-metric budget accounting, conforming to the formal differential privacy definition standardised by NIST.
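The following added example (not the platform's analytics code) shows what "Laplace mechanism with configurable epsilon and per-metric budget accounting" amounts to in practice: a counting query with L1 sensitivity 1, noise drawn from Laplace(0, sensitivity/epsilon), and an accountant that adds up the epsilon of every release on a metric and refuses once the budget is spent. The dataset, metric names and budgets are constructed; the seed exists only to make the demonstration reproducible.

```python
import random


class PrivacyBudgetExceeded(Exception):
    """Raised when a release would push a metric past its epsilon budget."""


def laplace_scale(sensitivity: float, epsilon: float) -> float:
    """Laplace mechanism: noise scale b = sensitivity / epsilon."""
    if sensitivity <= 0 or epsilon <= 0:
        raise ValueError("sensitivity and epsilon must be positive")
    return sensitivity / epsilon


class DpReleaseEngine:
    """Adds Laplace noise to query answers and accounts epsilon per metric.

    Sequential composition: the epsilons of all releases on one metric add up,
    so once the sum reaches the metric's budget no further release is allowed.
    """

    def __init__(self, budgets: dict, seed=None):
        self._budget = dict(budgets)                # metric -> total epsilon allowed
        self._spent = {m: 0.0 for m in budgets}     # metric -> epsilon used so far
        self._rng = random.Random(seed)             # seeded only for a reproducible demo

    def remaining(self, metric: str) -> float:
        return self._budget[metric] - self._spent[metric]

    def can_release(self, metric: str, epsilon: float) -> bool:
        return (metric in self._budget and epsilon > 0
                and epsilon <= self.remaining(metric) + 1e-12)

    def _laplace(self, scale: float) -> float:
        # Laplace(0, b) equals b * (E1 - E2) for two independent Exp(1) draws;
        # expovariate never evaluates log(0), unlike a naive inverse-CDF sampler.
        return scale * (self._rng.expovariate(1.0) - self._rng.expovariate(1.0))

    def release(self, metric: str, true_value: float, sensitivity: float,
                epsilon: float) -> dict:
        if not self.can_release(metric, epsilon):
            raise PrivacyBudgetExceeded(
                f"{metric}: requested {epsilon}, {self.remaining(metric):.3f} left")
        scale = laplace_scale(sensitivity, epsilon)
        self._spent[metric] += epsilon
        return {"metric": metric, "value": true_value + self._laplace(scale),
                "epsilon": epsilon, "scale": scale, "remaining": self.remaining(metric)}


def count_where(rows: list, **conditions) -> int:
    """Counting query. Adding or removing one row changes the answer by at
    most 1, so its L1 sensitivity is 1."""
    return sum(1 for r in rows if all(r.get(k) == v for k, v in conditions.items()))


# Constructed sample dataset: one row per person of interest in a case file.
SUBJECTS = [
    {"id": 1, "region": "north", "flagged": True},
    {"id": 2, "region": "north", "flagged": False},
    {"id": 3, "region": "south", "flagged": True},
    {"id": 4, "region": "north", "flagged": True},
    {"id": 5, "region": "east", "flagged": False},
]

if __name__ == "__main__":
    engine = DpReleaseEngine({"north_flagged": 1.0}, seed=42)
    exact = count_where(SUBJECTS, region="north", flagged=True)
    print("exact:", exact)
    print(engine.release("north_flagged", exact, sensitivity=1, epsilon=0.5))
    print(engine.release("north_flagged", exact, sensitivity=1, epsilon=0.5))
    print("can release more:", engine.can_release("north_flagged", 0.1))
```

The noisy value is returned as a float and deliberately not rounded or clamped: post-processing is allowed under differential privacy, but it belongs to the consumer, and rounding inside the engine would hide how much noise was actually added.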

  • GDPR / ISO/IEC 29101 (Privacy Architecture Framework): Pseudonymisation tokenisation and the data-subject-rights (DSR) deletion endpoints for tokens and attributes implement data minimisation and erasure obligations from the GDPR and the ISO privacy architecture standard.
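An added example of the tokenisation and erasure behaviour described above, written for this page rather than taken from the platform: identifying fields are replaced with random tokens held in a vault, the same value always maps to the same token so partner analysts can still join records, authorised callers can reverse a token, and a data-subject erasure removes the mapping so the token becomes permanently irreversible. The FIPS 180-4 item above says reverse-lookup keys are SHA-256 based; keying that hash with HMAC-SHA-256 so the index cannot be brute-forced from guessed values is this example's own choice. The vault key, token format and sample records are constructed.

```python
import hashlib
import hmac
import secrets


class TokenVault:
    """Reversible pseudonymisation with a keyed reverse-lookup index."""

    def __init__(self, vault_key: bytes):
        self._key = vault_key
        self._by_lookup = {}   # reverse-lookup key -> token
        self._by_token = {}    # token -> (field, original value)

    def _lookup_key(self, field: str, value: str) -> str:
        # Keyed SHA-256 over field + value: the index never holds plaintext,
        # and without the vault key an entry cannot be confirmed by guessing.
        msg = field.encode() + b"\x00" + value.encode()
        return hmac.new(self._key, msg, hashlib.sha256).hexdigest()

    def tokenise(self, field: str, value: str) -> str:
        lk = self._lookup_key(field, value)
        token = self._by_lookup.get(lk)
        if token is None:
            # Random token: carries no information about the value itself.
            token = f"PSN-{field}-{secrets.token_hex(8)}"
            self._by_lookup[lk] = token
            self._by_token[token] = (field, value)
        return token

    def reidentify(self, token: str) -> str:
        """Reverse a token; only callers with access to the vault can do this."""
        if token not in self._by_token:
            raise KeyError("token unknown or erased")
        return self._by_token[token][1]

    def is_reversible(self, token: str) -> bool:
        return token in self._by_token

    def erase(self, field: str, value: str) -> bool:
        """Data-subject erasure: drop the mapping so existing tokens can no
        longer be reversed and the value is never linked to them again."""
        lk = self._lookup_key(field, value)
        token = self._by_lookup.pop(lk, None)
        if token is None:
            return False
        self._by_token.pop(token, None)
        return True


def pseudonymise_record(vault: TokenVault, record: dict, fields: list) -> dict:
    """Copy of `record` with the named identifying fields replaced by tokens."""
    out = dict(record)
    for f in fields:
        if out.get(f) is not None:
            out[f] = vault.tokenise(f, str(out[f]))
    return out


# Constructed sample records to be shared with a partner agency.
RECORDS = [
    {"case_id": "CT-42", "name": "Asha Rahman", "phone": "+44 7700 900123", "role": "witness"},
    {"case_id": "CT-42", "name": "Tomas Weber", "phone": "+44 7700 900456", "role": "source"},
    {"case_id": "CT-57", "name": "Asha Rahman", "phone": "+44 7700 900123", "role": "witness"},
]
VAULT_KEY = b"demo-vault-key-not-for-production"  # constructed placeholder

if __name__ == "__main__":
    vault = TokenVault(VAULT_KEY)
    shared = [pseudonymise_record(vault, r, ["name", "phone"]) for r in RECORDS]
    for row in shared:
        print(row)
    print("reversed:", vault.reidentify(shared[0]["name"]))
    print("erased:", vault.erase("name", "Asha Rahman"),
          "still reversible:", vault.is_reversible(shared[0]["name"]))
```

Tokens are random rather than a hash of the value, so a recipient who guesses a name cannot confirm it by recomputing the token; linkability across records comes only from the vault's keyed index, which is exactly what erasure removes.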

  • GraphQL (June 2018 Specification): All security-extension capabilities (policy preview, risk scoring, Merkle proofs, differential-privacy releases, and pseudonymisation) are exposed exclusively through a typed GraphQL API.

  • OAuth 2.0 / OpenID Connect (RFC 6749 / OpenID Connect Core 1.0): Every query and mutation requires a verified bearer token; tenant isolation is derived from claims in the OIDC-issued JWT, so no operation can proceed without a valid access token.

Last Reviewed: 2026-02-05 Last Updated: 2026-04-14
