Update schema, fix taxonomies accordingly.

diamond-model/machinetag.json

@@ -3,7 +3,7 @@
   "expanded": "Diamond Model for Intrusion Analysis",
   "description": "The Diamond Model for Intrusion Analysis, a phase-based model developed by Lockheed Martin, aims to help categorise and identify the stage of an attack.",
   "version": 1,
-  "ref": [
+  "refs": [
     "http://www.activeresponse.org/wp-content/uploads/2013/07/diamond.pdf"
   ],
   "predicates": [

malware_classification/machinetag.json

@@ -1,7 +1,7 @@
 {
   "namespace": "malware_classification",
   "description": "Classification based on different categories. Based on https://www.sans.org/reading-room/whitepapers/incident/malware-101-viruses-32848",
-  "version": 1,
+  "version": 2,
   "predicates": [
     {
       "value": "malware-category",
@@ -89,10 +89,6 @@
           "value": "armouring",
           "expanded": "armouring"
         },
-        {
-          "value": "encryption",
-          "expanded": "encryption"
-        },
         {
           "value": "tunneling",
           "expanded": "tunneling"

schema.json

@@ -2,11 +2,78 @@
   "$schema": "http://json-schema.org/schema#",
   "title": "Validator for misp-taxonomies",
   "id": "https://www.github.com/MISP/misp-taxonomies/schema.json",
+  "defs": {
+    "predicate": {
+      "type": "object",
+      "additionalProperties": false,
+      "properties": {
+        "value": {
+          "type": "string"
+        },
+        "colour": {
+          "type": "string"
+        },
+        "description": {
+          "type": "string"
+        },
+        "numerical_value": {
+          "type": "number"
+        },
+        "expanded": {
+          "type": "string"
+        }
+      },
+      "required": [
+        "value"
+      ]
+    },
+    "entry": {
+      "type": "object",
+      "additionalProperties": false,
+      "properties": {
+        "predicate": {
+          "type": "string"
+        },
+        "entry": {
+          "type": "array",
+          "uniqueItems": true,
+          "items": {
+            "type": "object",
+            "additionalProperties": false,
+            "properties": {
+              "value": {
+                "type": "string"
+              },
+              "description": {
+                "type": "string"
+              },
+              "expanded": {
+                "type": "string"
+              },
+              "numerical_value": {
+                "type": "number"
+              }
+            },
+            "required": [
+              "value"
+            ]
+          }
+        }
+      }
+    },
+    "required": [
+      "predicate"
+    ]
+  },
   "type": "object",
+  "additionalProperties": false,
   "properties": {
     "namespace": {
       "type": "string"
     },
+    "expanded": {
+      "type": "string"
+    },
     "description": {
       "type": "string"
     },
@@ -17,20 +84,30 @@
       "type": "array",
       "uniqueItems": true,
       "items": {
-        "type": "object"
+        "type": "object",
+        "$ref": "#/defs/predicate"
       }
     },
     "values": {
       "type": "array",
       "uniqueItems": true,
       "items": {
-        "type": "object"
+        "type": "object",
+        "$ref": "#/defs/entry"
+      }
+    },
+    "refs": {
+      "type": "array",
+      "uniqueItems": true,
+      "items": {
+        "type": "string"
       }
     }
   },
   "required": [
     "namespace",
     "description",
-    "version"
+    "version",
+    "predicates"
   ]
 }