The main goal of the ME is to present to the Service Tier a coherent abstraction of the probes, thereby allowing the services to control the collective operation of the probes.
Each event is analysed as a single event or correlated with others by FINSEC platform in order to identify possible cyber-security treats related to Peer-to-Peer payments solutions and blockchain infrastructure.
Specifically, this means that the ME should allow the services to control the probes based on various aspects, such as organizational structure, ownership, physical location, and functionality.
The function of the ME is centered on the concept of policies. A policy is a specification that affects the behaviour of an entity, such as a probe. The name of the policy in conjunction with a set of policy parameters determine the semantics of the policy. The intention of policies is to serve as a layer of abstraction that hides the complex internal behaviour of entities, allowing standardization of similar behaviour across a wide range of concrete entities. This allows the behaviour of concrete probes to be regarded as standardized when the internal workings of existing probes are modified as their functionality is updated, or when new probe types are introduced.
A policy is encoded in the form of the x-policy object type. The important properties of this object are “name”, which should reflect what kind of behaviour a policy controls, and “x_parameters”, which contains a set of properties that governs how the behaviour is to change. The number of policy names should be small, and each should refer to abstract behaviour. When a given policy has been standardized and is stable, it can be implemented by probes, and it can be enacted by services in the Service Tier.