generated from coulomb/repo-seed
Initial seeding of models, standards
This commit is contained in:
115
spec/views_kernel-overview.md
Normal file
115
spec/views_kernel-overview.md
Normal file
@@ -0,0 +1,115 @@
|
||||
# Kernel Overview
|
||||
|
||||
## First-Generation Kernel
|
||||
|
||||
The current InfoTechCanon kernel is composed of:
|
||||
|
||||
```text
|
||||
Kernel:
|
||||
InfoTechCanonCore
|
||||
InfoTechCanonKernelMap
|
||||
|
||||
Models:
|
||||
InfoTechCanonInformationSpaceModel
|
||||
InfoTechCanonLandscapeModel
|
||||
InfoTechCanonOrganizationModel
|
||||
InfoTechCanonGovernanceModel
|
||||
InfoTechCanonTaskModel
|
||||
InfoTechCanonAccessControlModel
|
||||
InfoTechCanonSecurityModel
|
||||
InfoTechCanonDataModel
|
||||
InfoTechCanonDevSecOpsModel
|
||||
InfoTechCanonNetworkModel
|
||||
InfoTechCanonObservabilityModel
|
||||
|
||||
Standards:
|
||||
InfoTechCanonTaggingStandard
|
||||
InfoTechCanonCaringAccessGovernanceStandard
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
## Compact Mental Model
|
||||
|
||||
```text
|
||||
Core
|
||||
how the canon works
|
||||
|
||||
Information Space
|
||||
how canon knowledge is stored, linked, retrieved, and reused
|
||||
|
||||
Landscape
|
||||
what exists
|
||||
|
||||
Organization
|
||||
who acts
|
||||
|
||||
Governance
|
||||
how action is directed, constrained, reviewed, and evidenced
|
||||
|
||||
Task
|
||||
what work exists and how it progresses
|
||||
|
||||
Tagging
|
||||
how entities are lightly classified
|
||||
|
||||
Access Control
|
||||
who/what may do which action on which resource under which conditions
|
||||
|
||||
CARING
|
||||
how access governance is analyzed orthogonally across lifecycle, planes, scope, exposure, and effective access
|
||||
|
||||
Security
|
||||
what threatens, weakens, exposes, detects, mitigates, and responds
|
||||
|
||||
Data
|
||||
what data means, how it is structured, classified, traced, and contracted
|
||||
|
||||
DevSecOps
|
||||
how source changes become artifacts, releases, deployments, and evidence
|
||||
|
||||
Network
|
||||
how communication, reachability, addressing, routing, policy, and exposure work
|
||||
|
||||
Observability
|
||||
how runtime reality becomes signals, evidence, alerts, health, and feedback
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
## Primary Kernel Rule
|
||||
|
||||
```text
|
||||
Generic mechanisms belong in Core.
|
||||
Domain meaning belongs in Models.
|
||||
Named analytical/design frameworks belong in Standards.
|
||||
Concrete implementation constraints belong in Profiles.
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
## CARING Position
|
||||
|
||||
CARING is a specialized access-governance standard. It should live under:
|
||||
|
||||
```text
|
||||
standards/caring/InfoTechCanonCaringAccessGovernanceStandard.md
|
||||
```
|
||||
|
||||
It should import from:
|
||||
|
||||
```text
|
||||
Core
|
||||
Organization
|
||||
Governance
|
||||
Access Control
|
||||
Security
|
||||
Data
|
||||
DevSecOps
|
||||
Network
|
||||
Observability
|
||||
Task
|
||||
Tagging
|
||||
```
|
||||
|
||||
It should not be flattened into Access Control because it owns a distinctive orthogonal descriptor model.
|
||||
Reference in New Issue
Block a user