stella-ops.org/git.stella-ops.org

Files

History

master 15b4a1de6a feat: Document completed tasks for KMS, Cryptography, and Plugin Libraries

- Added detailed task completion records for KMS interface implementation and CLI support for file-based keys.
- Documented security enhancements including Argon2id password hashing, audit event contracts, and rate limiting configurations.
- Included scoped service support and integration updates for the Plugin platform, ensuring proper DI handling and testing coverage.

2025-10-31 14:37:45 +02:00

..

README.md

feat: Document completed tasks for KMS, Cryptography, and Plugin Libraries

2025-10-31 14:37:45 +02:00

README.md

Security, Risk & Governance

Authoritative sources for threat models, governance, compliance, and security operations.

Policies & Governance

../13_SECURITY_POLICY.md – responsible disclosure, support windows.
../11_GOVERNANCE.md – project governance charter.
../12_CODE_OF_CONDUCT.md – community expectations.
../17_SECURITY_HARDENING_GUIDE.md – deployment hardening steps.
../security/policy-governance.md – policy governance specifics.
../29_LEGAL_FAQ_QUOTA.md – legal interpretation of quota.
../33_333_QUOTA_OVERVIEW.md – quota policy reference.
../risk/risk-profiles.md – organisational risk personas.

Threat Models & Security Architecture

../security/authority-threat-model.md – Authority service threat analysis.
../security/authority-scopes.md – scope model.
../security/console-security.md – Console posture guidance.
../security/pack-signing-and-rbac.md – pack signing, RBAC guardrails.
../security/policy-governance.md – policy governance controls.
../security/rate-limits.md – rate limiting behaviour.
../security/password-hashing.md – credential storage.

Audit, Revocation & Compliance

../security/audit-events.md – audit event taxonomy.
../security/revocation-bundle.md & ../security/revocation-bundle-example.json – revocation process.
../license-jwt-quota.md – licence/quota enforcement controls.
../30_QUOTA_ENFORCEMENT_FLOW1.md – quota enforcement sequence.
../10_OFFLINE_KIT.md & ../24_OFFLINE_KIT.md – tamper-evident offline artefacts.
../security/ – browse for additional deep dives (audit, scopes, rate limits).

Supporting Material

Module operations security notes: ../../modules/authority/operations/key-rotation.md, ../../modules/concelier/operations/authority-audit-runbook.md, ../../modules/zastava/README.md (runtime enforcement).
../observability/policy.md – security-relevant telemetry for policy.
../updates/2025-10-27-console-security-signoff.md & ../updates/2025-10-31-console-security-refresh.md – recent security sign-offs.