# EvidenceLocker

**Status:** Implemented
**Source:** `src/EvidenceLocker/`
**Owner:** Platform Team
## Purpose

EvidenceLocker provides sealed, immutable storage for vulnerability scan evidence and audit logs. It ensures tamper-proof evidence chains for compliance and forensic analysis through content-addressable storage and cryptographic sealing.
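
An added example, not EvidenceLocker's own code, of how content addressing and sealed, linked records make tampering detectable. The record layout, the function names and the HMAC key standing in for the Signer service are assumptions, and the evidence blobs are constructed.

```python
import hashlib, hmac, json

SEAL_KEY = b"constructed-demo-key"  # assumption: stands in for the Signer service's key

def content_address(blob: bytes) -> str:
    """Content address: the SHA-256 digest of the evidence bytes."""
    return "sha256:" + hashlib.sha256(blob).hexdigest()

def seal(record: dict) -> str:
    """HMAC over the canonical JSON of a record (stand-in for a real signature)."""
    canonical = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(SEAL_KEY, canonical, hashlib.sha256).hexdigest()

def append(chain: list, store: dict, blob: bytes) -> None:
    """Store a blob under its digest and append a sealed record linked to the previous seal."""
    addr = content_address(blob)
    store[addr] = blob
    record = {"index": len(chain), "content": addr,
              "prev": chain[-1]["seal"] if chain else None}
    chain.append(dict(record, seal=seal(record)))

def verify(chain: list, store: dict) -> list:
    """Return (index, problem) findings; an empty list means the chain is intact."""
    findings, prev = [], None
    for i, entry in enumerate(chain):
        record = {k: entry[k] for k in ("index", "content", "prev")}
        if not hmac.compare_digest(seal(record), entry["seal"]):
            findings.append((i, "seal mismatch"))      # record fields edited after sealing
        if entry["index"] != i or entry["prev"] != prev:
            findings.append((i, "broken link"))        # record removed, inserted or reordered
        blob = store.get(entry["content"])
        if blob is None:
            findings.append((i, "content missing"))
        elif content_address(blob) != entry["content"]:
            findings.append((i, "content altered"))    # stored bytes no longer match the address
        prev = entry["seal"]
    return findings

def demo():
    """Build a three-entry chain from constructed evidence, then tamper with it two ways."""
    chain, store = [], {}
    for blob in (b'{"scan":"a","findings":2}', b'{"scan":"b","findings":0}', b"audit: export"):
        append(chain, store, blob)
    clean = verify(chain, store)
    store[chain[1]["content"]] = b'{"scan":"b","findings":9}'  # blob swapped in storage
    after_blob = verify(chain, store)
    del chain[0]                                               # oldest record dropped
    after_drop = verify(chain, store)
    return clean, after_blob, after_drop
```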
## Components

**Services:**
- `StellaOps.EvidenceLocker.WebService` - HTTP API for evidence submission and retrieval
- `StellaOps.EvidenceLocker.Worker` - Background sealing and archival workers

**Libraries:**
- `StellaOps.EvidenceLocker.Core` - Evidence sealing, verification, and chain validation
- `StellaOps.EvidenceLocker.Infrastructure` - Storage adapters and evidence bundle management
## Configuration

See `etc/evidence-locker.yaml.sample` for configuration options (if available).

Key settings:
- Storage backend (filesystem, object storage)
- Sealing policy (immediate vs. batch)
- Retention policies
- Export destinations
- Authority integration for access control
## Dependencies

- PostgreSQL (schema: `evidence_locker`)
- Authority (authentication and authorization)
- Signer (cryptographic sealing operations)
- ExportCenter (evidence bundle export)
## Related Documentation

- Operations: `./operations/` (if exists)
- ExportCenter: `../export-center/`
- Attestor: `../attestor/`
- High-Level Architecture: `../../07_HIGH_LEVEL_ARCHITECTURE.md`
## Current Status

Implemented with WebService and Worker components. Supports sealed evidence storage with cryptographic verification. Integrated with ExportCenter for audit bundle generation.