release orchestrator pivot, architecture and planning

2026-01-10 22:37:22 +02:00
parent c84f421e2f
commit d509c44411
130 changed files with 70292 additions and 721 deletions
--- a/docs/modules/release-orchestrator/security/threat-model.md
+++ b/docs/modules/release-orchestrator/security/threat-model.md
@@ -0,0 +1,207 @@
+# Threat Model
+
+## Overview
+
+This document identifies threats to the Release Orchestrator and their mitigations.
+
+## Threat Categories
+
+### T1: Credential Theft
+
+| Aspect | Description |
+|--------|-------------|
+| **Threat** | Attacker gains access to credentials through database breach |
+| **Attack Vector** | SQL injection, database backup theft, insider threat |
+| **Assets at Risk** | Registry credentials, vault tokens, SSH keys |
+| **Mitigation** | Secrets NEVER stored in database; only vault references stored |
+| **Detection** | Anomalous vault access patterns, failed authentication attempts |
+
+### T2: Token Replay
+
+| Aspect | Description |
+|--------|-------------|
+| **Threat** | Attacker captures and reuses valid JWT tokens |
+| **Attack Vector** | Man-in-the-middle, log file exposure, memory dump |
+| **Assets at Risk** | User sessions, API access |
+| **Mitigation** | Short-lived tokens (15 min), refresh token rotation, TLS everywhere |
+| **Detection** | Token used from unusual IP, concurrent sessions |
+
+### T3: Agent Impersonation
+
+| Aspect | Description |
+|--------|-------------|
+| **Threat** | Attacker registers fake agent to receive deployment tasks |
+| **Attack Vector** | Stolen registration token, certificate forgery |
+| **Assets at Risk** | Deployment credentials, target access |
+| **Mitigation** | One-time registration tokens, mTLS with CA-signed certs |
+| **Detection** | Registration from unexpected network, capability mismatch |
+
+### T4: Digest Tampering
+
+| Aspect | Description |
+|--------|-------------|
+| **Threat** | Attacker modifies container image after release creation |
+| **Attack Vector** | Registry compromise, man-in-the-middle at pull time |
+| **Assets at Risk** | Application integrity, supply chain |
+| **Mitigation** | Digest verification at pull time; mismatch = deployment failure |
+| **Detection** | Pull failures due to digest mismatch |
+
+### T5: Evidence Tampering
+
+| Aspect | Description |
+|--------|-------------|
+| **Threat** | Attacker modifies audit records to hide malicious activity |
+| **Attack Vector** | Database admin access, SQL injection |
+| **Assets at Risk** | Audit integrity, compliance |
+| **Mitigation** | Append-only table, cryptographic signing, no UPDATE/DELETE |
+| **Detection** | Signature verification failure, hash chain break |
+
+### T6: Privilege Escalation
+
+| Aspect | Description |
+|--------|-------------|
+| **Threat** | User gains permissions beyond their role |
+| **Attack Vector** | Role assignment exploit, permission bypass |
+| **Assets at Risk** | Environment access, approval authority |
+| **Mitigation** | Role-based access, SoD enforcement, audit logs |
+| **Detection** | Unusual permission patterns, SoD violation attempts |
+
+### T7: Supply Chain Attack
+
+| Aspect | Description |
+|--------|-------------|
+| **Threat** | Malicious plugin injected into workflow |
+| **Attack Vector** | Plugin repository compromise, typosquatting |
+| **Assets at Risk** | All environments, all credentials |
+| **Mitigation** | Plugin sandbox, capability declarations, signed manifests |
+| **Detection** | Unexpected network egress, resource anomalies |
+
+### T8: Lateral Movement
+
+| Aspect | Description |
+|--------|-------------|
+| **Threat** | Attacker uses compromised target to access others |
+| **Attack Vector** | Target compromise, credential reuse |
+| **Assets at Risk** | Other targets, environments |
+| **Mitigation** | Short-lived task credentials, scoped permissions |
+| **Detection** | Cross-target credential use, unexpected connections |
+
+### T9: Data Exfiltration
+
+| Aspect | Description |
+|--------|-------------|
+| **Threat** | Attacker extracts logs, artifacts, or configuration |
+| **Attack Vector** | API abuse, log aggregator compromise |
+| **Assets at Risk** | Application data, deployment configurations |
+| **Mitigation** | Encryption at rest, network segmentation, audit logging |
+| **Detection** | Large data transfers, unusual API patterns |
+
+### T10: Denial of Service
+
+| Aspect | Description |
+|--------|-------------|
+| **Threat** | Attacker exhausts resources to prevent deployments |
+| **Attack Vector** | API flooding, workflow loop, agent task spam |
+| **Assets at Risk** | Service availability |
+| **Mitigation** | Rate limiting, resource quotas, circuit breakers |
+| **Detection** | Resource exhaustion alerts, traffic spikes |
+
+## STRIDE Analysis
+
+| Category | Threats | Primary Mitigations |
+|----------|---------|---------------------|
+| **Spoofing** | T3 Agent Impersonation | mTLS, registration tokens |
+| **Tampering** | T4 Digest, T5 Evidence | Digest verification, append-only tables |
+| **Repudiation** | Evidence manipulation | Signed evidence packets |
+| **Information Disclosure** | T1 Credentials, T9 Exfiltration | Vault integration, encryption |
+| **Denial of Service** | T10 Resource exhaustion | Rate limits, quotas |
+| **Elevation of Privilege** | T6 Escalation | RBAC, SoD enforcement |
+
+## Trust Boundaries
+
+```
+┌─────────────────────────────────────────────────────────────────────────────┐
+│                         TRUST BOUNDARIES                                    │
+│                                                                             │
+│  ┌─────────────────────────────────────────────────────────────────────┐   │
+│  │ PUBLIC NETWORK (Untrusted)                                          │   │
+│  │                                                                      │   │
+│  │  Internet, External Users, External Services                        │   │
+│  └─────────────────────────────────────────────────────────────────────┘   │
+│                                │                                            │
+│                                │ TLS + Authentication                       │
+│                                ▼                                            │
+│  ┌─────────────────────────────────────────────────────────────────────┐   │
+│  │ DMZ (Semi-trusted)                                                  │   │
+│  │                                                                      │   │
+│  │  API Gateway, Webhook Gateway                                       │   │
+│  └─────────────────────────────────────────────────────────────────────┘   │
+│                                │                                            │
+│                                │ Internal mTLS                              │
+│                                ▼                                            │
+│  ┌─────────────────────────────────────────────────────────────────────┐   │
+│  │ INTERNAL NETWORK (Trusted)                                          │   │
+│  │                                                                      │   │
+│  │  Stella Core Services, Database, Internal Vault                     │   │
+│  └─────────────────────────────────────────────────────────────────────┘   │
+│                                │                                            │
+│                                │ Agent mTLS                                 │
+│                                ▼                                            │
+│  ┌─────────────────────────────────────────────────────────────────────┐   │
+│  │ DEPLOYMENT NETWORK (Controlled)                                     │   │
+│  │                                                                      │   │
+│  │  Agents, Targets                                                    │   │
+│  └─────────────────────────────────────────────────────────────────────┘   │
+│                                                                             │
+└─────────────────────────────────────────────────────────────────────────────┘
+```
+
+## Data Classification
+
+| Classification | Examples | Protection Requirements |
+|---------------|----------|------------------------|
+| **Critical** | Vault credentials, signing keys | Hardware security, minimal access |
+| **Sensitive** | User tokens, agent certificates | Encryption, access logging |
+| **Internal** | Release configs, workflow definitions | Encryption at rest |
+| **Public** | API documentation, release names | Integrity protection |
+
+## Security Controls Summary
+
+| Control | Implementation | Threats Addressed |
+|---------|----------------|-------------------|
+| mTLS | Agent communication | T3 |
+| Short-lived tokens | 15-min access tokens | T2 |
+| Vault integration | No secrets in DB | T1 |
+| Digest verification | Pull-time validation | T4 |
+| Append-only tables | Evidence immutability | T5 |
+| RBAC + SoD | Permission enforcement | T6 |
+| Plugin sandbox | Resource limits, capability control | T7 |
+| Scoped credentials | Task-specific access | T8 |
+| Encryption | At rest and in transit | T9 |
+| Rate limiting | API and resource quotas | T10 |
+
+## Incident Response
+
+### Detection Signals
+
+| Signal | Indicates | Response |
+|--------|-----------|----------|
+| Digest mismatch at pull | T4 Tampering | Halt deployment, investigate registry |
+| Evidence signature failure | T5 Tampering | Preserve logs, forensic analysis |
+| Unusual agent registration | T3 Impersonation | Revoke agent, review access |
+| SoD violation attempt | T6 Escalation | Block action, alert admin |
+| Plugin network egress | T7 Supply chain | Isolate plugin, review manifest |
+
+### Response Procedures
+
+1. **Contain** - Isolate affected component (revoke token, disable agent)
+2. **Investigate** - Collect logs, evidence packets, audit trail
+3. **Remediate** - Patch vulnerability, rotate credentials
+4. **Recover** - Restore service, verify integrity
+5. **Report** - Document incident, update threat model
+
+## References
+
+- [Security Overview](overview.md)
+- [Agent Security](agent-security.md)
+- [Audit Trail](audit-trail.md)