git.stella-ops.org/docs/modules/evidence-locker/README.md
2025-12-25 18:50:33 +02:00

EvidenceLocker

Status: Implemented
Source: src/EvidenceLocker/
Owner: Platform Team

Purpose

EvidenceLocker provides sealed, immutable storage for vulnerability scan evidence and audit logs. It ensures tamper-proof evidence chains for compliance and forensic analysis by combining content-addressable storage with cryptographic sealing.
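The following is an added illustration of the content-addressing, sealing and chain-validation idea described above. It is not EvidenceLocker's own code: the HMAC key stands in for the Signer service, and the sample scan records are constructed for the example.

```python
import hashlib
import hmac
import json

# Stand-in for the Signer service: a constructed demo key, not a real StellaOps secret.
SEAL_KEY = b"constructed-demo-key"
GENESIS = "0" * 64

def canonical(obj) -> bytes:
    # Deterministic encoding so identical evidence always gets the same content address.
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

def content_address(evidence: dict) -> str:
    return hashlib.sha256(canonical(evidence)).hexdigest()

def seal(header: dict) -> str:
    return hmac.new(SEAL_KEY, canonical(header), hashlib.sha256).hexdigest()

def append_entry(chain: list, store: dict, evidence: dict) -> dict:
    # Store the blob under its content address, then link a sealed header to the previous seal.
    addr = content_address(evidence)
    store[addr] = evidence
    header = {"index": len(chain), "prev": chain[-1]["seal"] if chain else GENESIS, "address": addr}
    chain.append({**header, "seal": seal(header)})
    return chain[-1]

def verify_chain(chain: list, store: dict) -> tuple[bool, str]:
    prev = GENESIS
    for i, entry in enumerate(chain):
        header = {"index": entry["index"], "prev": entry["prev"], "address": entry["address"]}
        if entry["index"] != i or entry["prev"] != prev:
            return False, f"entry {i}: chain link broken"
        if not hmac.compare_digest(seal(header), entry["seal"]):
            return False, f"entry {i}: seal invalid"
        blob = store.get(entry["address"])
        if blob is None or content_address(blob) != entry["address"]:
            return False, f"entry {i}: evidence does not match its content address"
        prev = entry["seal"]
    return True, "ok"

def demo() -> tuple[bool, bool, bool]:
    store, chain = {}, []
    for ev in ({"scan": "sbom-a", "findings": 3}, {"scan": "sbom-b", "findings": 0}):  # constructed
        append_entry(chain, store, ev)
    intact = verify_chain(chain, store)[0]
    edited = {**store, chain[0]["address"]: {"scan": "sbom-a", "findings": 0}}  # silent edit after sealing
    reordered = list(reversed(chain))
    return intact, verify_chain(chain, edited)[0], verify_chain(reordered, store)[0]
```

Verification fails both when a stored blob is edited after sealing (its content address no longer matches) and when entries are reordered (the index and previous-seal links break).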

Components

Services:

  • StellaOps.EvidenceLocker.WebService - HTTP API for evidence submission and retrieval
  • StellaOps.EvidenceLocker.Worker - Background sealing and archival workers

Libraries:

  • StellaOps.EvidenceLocker.Core - Evidence sealing, verification, and chain validation
  • StellaOps.EvidenceLocker.Infrastructure - Storage adapters and evidence bundle management

Configuration

See etc/evidence-locker.yaml.sample for configuration options (if available).

Key settings:

  • Storage backend (filesystem, object storage)
  • Sealing policy (immediate vs. batch)
  • Retention policies
  • Export destinations
  • Authority integration for access control

Dependencies

  • PostgreSQL (schema: evidence_locker)
  • Authority (authentication and authorization)
  • Signer (cryptographic sealing operations)
  • ExportCenter (evidence bundle export)

Related Documentation

  • Operations: ./operations/ (if exists)
  • ExportCenter: ../export-center/
  • Attestor: ../attestor/
  • High-Level Architecture: ../../07_HIGH_LEVEL_ARCHITECTURE.md

Current Status

Implemented with WebService and Worker components. Supports sealed evidence storage with cryptographic verification. Integrated with ExportCenter for audit bundle generation.