Skip to main content

Resource Classification Configuration

FieldValue
Document IDASCEND-GOV-008
Version1.0.0
Last UpdatedMarch 27, 2026
AuthorOW-KAI Engineering
PublisherOW-KAI Technologies Inc.
ClassificationConfidential
ComplianceSOC 2 CC6.1, NIST AC-3, PCI-DSS 7.1

Reading Time: 10 minutes | Skill Level: Advanced

Overview

Resource Classification Configuration allows administrators to define sensitivity tiers and risk score modifiers for each resource type in their organization. When an AI agent submits an action, ASCEND looks up the resource type against the admin-defined classification table to determine the correct sensitivity tier and risk multiplier.

This implements a defense-in-depth model: the platform trusts admin-defined classifications over agent-declared sensitivity. Agents cannot downgrade the sensitivity of a resource type that an administrator has classified as critical.

Key principles:

  • Admin authority: Administrator-defined classifications always override agent-declared sensitivity levels.
  • Fail-secure default: Any resource type not found in the classification table defaults to CRITICAL sensitivity with a 1.5x risk multiplier.
  • Tenant isolation: Classifications are scoped per organization via Row Level Security (RLS). One tenant's classifications are invisible to another.
  • Audit trail: Every create, update, and deactivation is logged as an immutable CONFIG_CHANGE event with before/after state.

How It Works

When an agent submits an action with a resource_type field, the classification resolution engine follows this flow:

The resolution follows three paths:

ConditionBehaviorRisk Impact
resource_type present and classification foundAdmin-defined tier and modifier appliedModifier from classification (0.1x to 3.0x)
resource_type present but no classification foundFail-secure: CRITICAL tier, 1.5x modifierElevated risk score until admin configures the type
resource_type absent from action payloadNo override applied; existing flow unchangedStandard risk calculation without resource modifier

Sensitivity Tiers

Each classification maps a resource type to one of four sensitivity tiers. The tier determines the data_sensitivity field injected into the risk pipeline and controls whether the contains_pii flag is set.

TierRisk Posturecontains_piiTypical Use
LOWMinimal sensitivity; routine operationsfalsePublic documentation, non-sensitive logs, static assets
MEDIUMModerate sensitivity; standard business datafalseInternal APIs, application configuration, workflow state
HIGHElevated sensitivity; personal or financial datatrueCustomer records, payment data, HR systems
CRITICALMaximum sensitivity; regulated or privileged datatrueEncryption keys, secrets managers, production databases, PII stores

The risk_score_modifier field applies a multiplier (0.1x to 3.0x) to the weighted risk score calculated by the risk assessment engine. For example, a resource classified as CRITICAL with a 2.0x modifier will double the computed risk score for any action targeting that resource type.

Fail-Secure Default

When an agent references a resource type that has no active classification in the tenant's configuration, ASCEND applies fail-secure defaults:

ParameterDefault ValueRationale
sensitivity_tiercriticalUnknown resources are treated as maximally sensitive
risk_score_modifier1.5Elevated multiplier ensures human review for unclassified resources
contains_piitrueConservative assumption until admin classifies the resource

This design ensures that newly introduced resource types cannot bypass governance controls. The fail-secure behavior persists until an administrator explicitly creates a classification for the resource type.

Deactivating an existing classification also triggers fail-secure behavior. The deactivation confirmation in the UI warns administrators that actions using the deactivated resource type will default to CRITICAL sensitivity.

API Reference

All endpoints require admin role (admin, org_admin, or super_admin) and enforce tenant isolation via the organization_id derived from the authenticated session.

Base path: /api/v1/resource-classifications

List Classifications

GET /api/v1/resource-classifications

Query parameters:

ParameterTypeDefaultDescription
sensitivity_tierstringFilter by tier: low, medium, high, critical
is_activebooleanFilter by active status
limitinteger100Maximum results (1-1000)
offsetinteger0Pagination offset

Response:

{
  "classifications": [
    {
      "id": 1,
      "organization_id": 4,
      "resource_type": "database",
      "display_name": "Relational Database",
      "description": "Production RDS instances",
      "sensitivity_tier": "critical",
      "risk_score_modifier": 2.0,
      "is_active": true,
      "created_at": "2026-03-27T14:30:00+00:00",
      "updated_at": "2026-03-27T14:30:00+00:00",
      "created_by": "admin@acme.com",
      "updated_by": "admin@acme.com"
    }
  ],
  "total": 1
}

Create Classification

POST /api/v1/resource-classifications

Request body:

{
  "resource_type": "database",
  "display_name": "Relational Database",
  "description": "Production RDS instances",
  "sensitivity_tier": "critical",
  "risk_score_modifier": 2.0
}

Validation rules:

FieldConstraint
resource_typeRequired, 1-100 characters, normalized to lowercase, unique per organization
display_nameRequired, 1-255 characters
sensitivity_tierRequired, must be low, medium, high, or critical
risk_score_modifierRequired, float between 0.1 and 3.0

Response: 201 Created with the full classification object.

Error responses:

StatusCondition
409 ConflictResource type already exists for this organization
422 Unprocessable EntityValidation failure (invalid tier, modifier out of range, empty fields)
403 ForbiddenCaller does not have admin role

Update Classification

PUT /api/v1/resource-classifications/{id}

All fields are optional. The resource_type field cannot be changed after creation.

{
  "display_name": "Production Database",
  "sensitivity_tier": "high",
  "risk_score_modifier": 1.8,
  "is_active": true
}

Response: 200 OK with the updated classification object.

Deactivate Classification

DELETE /api/v1/resource-classifications/{id}

Performs a soft delete by setting is_active = false. The classification record is retained for audit purposes.

Response:

{
  "success": true,
  "message": "Classification 'database' deactivated. Actions using this resource type will default to CRITICAL sensitivity (fail-secure)."
}

Configuration via UI

The Resource Classifications management interface is accessible from Settings > Resource Classifications in the ASCEND admin console.

Adding a Classification

  1. Navigate to Settings and select the Resource Classifications tab.
  2. Click + Add Classification.
  3. Enter the resource type identifier (e.g., database, s3, lambda). This value is normalized to lowercase and must be unique within your organization.
  4. Provide a display name and optional description.
  5. Select the sensitivity tier from the dropdown.
  6. Set the risk score modifier (0.1x to 3.0x).
  7. Click Create to save.

Editing a Classification

Click Edit on any active classification to modify its display name, description, sensitivity tier, or risk score modifier. The resource type identifier cannot be changed after creation. All changes are recorded in the audit trail with before and after values.

Deactivating a Classification

Click Deactivate on any active classification. A confirmation dialog warns that actions using this resource type will default to CRITICAL sensitivity under fail-secure rules. Deactivated classifications can be reactivated by toggling the Show deactivated checkbox and clicking Reactivate.

Caching

Resource classification lookups are cached in Redis with a 5-minute TTL to minimize database load during high-volume action processing.

BehaviorDetail
Cache key formatrc:{organization_id}:{resource_type}
TTL300 seconds (5 minutes)
Negative cachingCache misses are stored as a __miss__ sentinel to prevent repeated database lookups for unrecognized resource types
InvalidationAll cached classifications for the organization are invalidated on any create, update, or deactivate operation
Graceful degradationIf Redis is unavailable, lookups fall back to direct database queries with no impact on correctness

Cache invalidation uses a SCAN-based key deletion pattern (rc:{org_id}:*) to ensure all entries for the affected organization are cleared without impacting other tenants.

Audit Trail

Every classification operation generates an immutable audit event via the ImmutableAuditService. These events are hash-chained and cannot be modified or deleted.

OperationEvent TypeRisk LevelRecorded Data
CreateCONFIG_CHANGEMEDIUMresource_type, sensitivity_tier, risk_score_modifier, display_name
UpdateCONFIG_CHANGEMEDIUMFull before/after state for all modified fields
DeactivateCONFIG_CHANGEHIGHresource_type, sensitivity_tier, soft_deleted flag, fail-secure effect statement

All audit events include:

  • actor_id: Email of the administrator who performed the action
  • organization_id: Tenant scope
  • ip_address: Source IP from the request
  • compliance_tags: ["SOX", "CONFIG_MANAGEMENT", "AUDIT_TRAIL"]

The elevated HIGH risk level on deactivation events reflects the security impact of removing a classification, which causes the affected resource type to default to fail-secure CRITICAL handling.

Compliance Mapping

RequirementStandardImplementation
Least privilege access controlSOC 2 CC6.1Admin role required for all classification operations; RLS enforces tenant isolation
Access enforcementNIST AC-3Admin-defined classifications override agent-declared sensitivity; fail-secure defaults prevent bypass
Role-based access controlPCI-DSS 7.1Only admin, org_admin, and super_admin roles can manage classifications
Configuration change managementSOXAll changes logged with before/after state in immutable audit trail
Audit trail generationSOC 2 CC7.2Hash-chained audit events for every create, update, and deactivate operation
Data classificationNIST SI-12Sensitivity tiers map resource types to data protection requirements
Fail-secure designNIST SC-24Unrecognized resource types default to maximum sensitivity to prevent governance bypass