{ "common_distinctions": [ { "id": "actor-subject-principal", "source_artifacts": [ "model/organization", "model/access-control", "standard/caring" ], "summary": "Use actor for the acting entity in a context, subject for the entity a policy evaluates, and principal for the authenticated identity bound to access decisions.", "title": "Actor vs Subject vs Principal" }, { "id": "organization-role-access-role-caring-role", "source_artifacts": [ "model/organization", "model/access-control", "standard/caring" ], "summary": "Organization roles describe responsibility or position; access roles describe permissions; CARING roles classify access-governance needs and analysis.", "title": "Organization Role vs AccessRole vs CARING role" }, { "id": "policy-control-evidence", "source_artifacts": [ "model/governance", "model/security", "model/observability" ], "summary": "Policy states intent or rule, control implements or enforces that rule, and evidence records why the claim should be trusted.", "title": "Policy vs Control vs Evidence" }, { "id": "intent-scope-purpose", "source_artifacts": [ "kernel/itc-core", "model/governance", "profile/small-saas" ], "summary": "Intent captures why an actor wants something, scope bounds what is included, and purpose captures consumer demand or use case pressure on the repo.", "title": "Intent vs Scope vs Purpose" } ], "infospace": "canon", "item_count": 29, "items": [ { "canonical_path": "kernel/InfoTechCanonCore.md", "id": "kernel/itc-core", "imports": [], "kind": "kernel", "owned_concepts": [ "InfoTechCanon Core" ], "relationships": [], "source_path": "seeds/InfoTechCanonCore_RC1_seed.md", "summary": "Kernel artifact that defines canon structure or integration: InfoTechCanon Core.", "title": "InfoTechCanon Core", "warnings": [] }, { "canonical_path": "kernel/InfoTechCanonKernelMap.md", "id": "kernel/itc-kernel-map", "imports": [], "kind": "kernel", "owned_concepts": [ "InfoTechCanon Kernel Map" ], "relationships": [ { "target": "kernel/itc-core", "type": "maps" }, { "target": "model/information-space", "type": "maps" }, { "target": "model/landscape", "type": "maps" }, { "target": "model/organization", "type": "maps" }, { "target": "model/governance", "type": "maps" }, { "target": "model/task", "type": "maps" }, { "target": "model/access-control", "type": "maps" }, { "target": "model/security", "type": "maps" }, { "target": "model/data", "type": "maps" }, { "target": "model/devsecops", "type": "maps" }, { "target": "model/network", "type": "maps" }, { "target": "model/observability", "type": "maps" }, { "target": "standard/tagging", "type": "maps" }, { "target": "standard/caring", "type": "maps" } ], "source_path": "seeds/InfoTechCanonKernelMap_RC1.md", "summary": "Kernel artifact that defines canon structure or integration: InfoTechCanon Kernel Map.", "title": "InfoTechCanon Kernel Map", "warnings": [] }, { "canonical_path": "models/access-control/InfoTechCanonAccessControlModel.md", "id": "model/access-control", "imports": [ "kernel/itc-core", "model/governance", "model/organization" ], "kind": "model", "owned_concepts": [ "InfoTechCanon Access Control Model" ], "relationships": [ { "target": "kernel/itc-core", "type": "conforms_to" }, { "target": "model/organization", "type": "uses" }, { "target": "model/governance", "type": "uses" } ], "source_path": "seeds/InfoTechCanonAccessControlModel_RC1_seed.md", "summary": "Domain model used by canon profiles and standards: InfoTechCanon Access Control Model.", "title": "InfoTechCanon Access Control Model", "warnings": [] }, { "canonical_path": "models/data/InfoTechCanonDataModel.md", "id": "model/data", "imports": [ "kernel/itc-core", "model/governance" ], "kind": "model", "owned_concepts": [ "InfoTechCanon Data Model" ], "relationships": [ { "target": "kernel/itc-core", "type": "conforms_to" }, { "target": "model/governance", "type": "uses" } ], "source_path": "seeds/InfoTechCanonDataModel_RC1_seed.md", "summary": "Domain model used by canon profiles and standards: InfoTechCanon Data Model.", "title": "InfoTechCanon Data Model", "warnings": [] }, { "canonical_path": "models/devsecops/InfoTechCanonDevSecOpsModel.md", "id": "model/devsecops", "imports": [ "kernel/itc-core", "model/security" ], "kind": "model", "owned_concepts": [ "InfoTechCanon DevSecOps Model" ], "relationships": [ { "target": "kernel/itc-core", "type": "conforms_to" }, { "target": "model/security", "type": "uses" } ], "source_path": "seeds/InfoTechCanonDevSecOpsModel_RC1_seed.md", "summary": "Domain model used by canon profiles and standards: InfoTechCanon DevSecOps Model.", "title": "InfoTechCanon DevSecOps Model", "warnings": [] }, { "canonical_path": "models/governance/InfoTechCanonGovernanceModel.md", "id": "model/governance", "imports": [ "kernel/itc-core" ], "kind": "model", "owned_concepts": [ "InfoTechCanon Governance Model" ], "relationships": [ { "target": "kernel/itc-core", "type": "conforms_to" } ], "source_path": "seeds/InfoTechCanonGovernanceModel_RC1_seed.md", "summary": "Domain model used by canon profiles and standards: InfoTechCanon Governance Model.", "title": "InfoTechCanon Governance Model", "warnings": [] }, { "canonical_path": "models/information-space/InfoTechCanonInformationSpaceModel.md", "id": "model/information-space", "imports": [ "kernel/itc-core" ], "kind": "model", "owned_concepts": [ "InfoTechCanon Information Space Model" ], "relationships": [ { "target": "kernel/itc-core", "type": "conforms_to" } ], "source_path": "seeds/InfoTechCanonInformationSpaceModel_RC1_seed.md", "summary": "Domain model used by canon profiles and standards: InfoTechCanon Information Space Model.", "title": "InfoTechCanon Information Space Model", "warnings": [] }, { "canonical_path": "models/landscape/InfoTechCanonLandscapeModel.md", "id": "model/landscape", "imports": [ "kernel/itc-core" ], "kind": "model", "owned_concepts": [ "InfoTechCanon Landscape Model" ], "relationships": [ { "target": "kernel/itc-core", "type": "conforms_to" } ], "source_path": "seeds/InfoTechCanonLandscapeModel_RC1_seed.md", "summary": "Domain model used by canon profiles and standards: InfoTechCanon Landscape Model.", "title": "InfoTechCanon Landscape Model", "warnings": [] }, { "canonical_path": "models/network/InfoTechCanonNetworkModel.md", "id": "model/network", "imports": [ "kernel/itc-core", "model/security" ], "kind": "model", "owned_concepts": [ "InfoTechCanon Network Model" ], "relationships": [ { "target": "kernel/itc-core", "type": "conforms_to" }, { "target": "model/security", "type": "uses" } ], "source_path": "seeds/InfoTechCanonNetworkModel_RC1_seed.md", "summary": "Domain model used by canon profiles and standards: InfoTechCanon Network Model.", "title": "InfoTechCanon Network Model", "warnings": [] }, { "canonical_path": "models/observability/InfoTechCanonObservabilityModel.md", "id": "model/observability", "imports": [ "kernel/itc-core", "model/task" ], "kind": "model", "owned_concepts": [ "InfoTechCanon Observability Model" ], "relationships": [ { "target": "kernel/itc-core", "type": "conforms_to" }, { "target": "model/task", "type": "uses" } ], "source_path": "seeds/InfoTechCanonObservabilityModel_RC1_seed.md", "summary": "Domain model used by canon profiles and standards: InfoTechCanon Observability Model.", "title": "InfoTechCanon Observability Model", "warnings": [] }, { "canonical_path": "models/organization/InfoTechCanonOrganizationModel.md", "id": "model/organization", "imports": [ "kernel/itc-core" ], "kind": "model", "owned_concepts": [ "InfoTechCanon Organization Model" ], "relationships": [ { "target": "kernel/itc-core", "type": "conforms_to" } ], "source_path": "seeds/InfoTechCanonOrganizationModel_RC1_seed.md", "summary": "Domain model used by canon profiles and standards: InfoTechCanon Organization Model.", "title": "InfoTechCanon Organization Model", "warnings": [] }, { "canonical_path": "models/security/InfoTechCanonSecurityModel.md", "id": "model/security", "imports": [ "kernel/itc-core", "model/access-control" ], "kind": "model", "owned_concepts": [ "InfoTechCanon Security Model" ], "relationships": [ { "target": "kernel/itc-core", "type": "conforms_to" }, { "target": "model/access-control", "type": "uses" } ], "source_path": "seeds/InfoTechCanonSecurityModel_RC1_seed.md", "summary": "Domain model used by canon profiles and standards: InfoTechCanon Security Model.", "title": "InfoTechCanon Security Model", "warnings": [] }, { "canonical_path": "models/task/InfoTechCanonTaskModel.md", "id": "model/task", "imports": [ "kernel/itc-core" ], "kind": "model", "owned_concepts": [ "InfoTechCanon Task Model" ], "relationships": [ { "target": "kernel/itc-core", "type": "conforms_to" } ], "source_path": "seeds/InfoTechCanonTaskModel_RC1_seed.md", "summary": "Domain model used by canon profiles and standards: InfoTechCanon Task Model.", "title": "InfoTechCanon Task Model", "warnings": [] }, { "canonical_path": "profiles/small-saas/profile.yaml", "id": "profile/small-saas", "imports": [ "kernel/itc-core", "model/access-control", "model/data", "model/devsecops", "model/governance", "model/landscape", "model/network", "model/observability", "model/organization", "model/security", "model/task", "standard/caring", "standard/tagging" ], "kind": "profile", "owned_concepts": [ "Small SaaS System Profile" ], "relationships": [ { "target": "kernel/itc-core", "type": "conforms_to" }, { "target": "model/landscape", "type": "requires" }, { "target": "model/organization", "type": "requires" }, { "target": "model/governance", "type": "requires" }, { "target": "model/access-control", "type": "requires" }, { "target": "model/security", "type": "requires" }, { "target": "model/data", "type": "requires" }, { "target": "model/devsecops", "type": "requires" }, { "target": "model/network", "type": "requires" }, { "target": "model/observability", "type": "requires" }, { "target": "model/task", "type": "requires" }, { "target": "standard/tagging", "type": "requires" }, { "target": "standard/caring", "type": "requires" } ], "source_path": "infospace/profiles/small-saas/profile.yaml", "summary": "Profile that constrains canon artifacts for a practical implementation slice: Small SaaS System Profile.", "title": "Small SaaS System Profile", "warnings": [] }, { "canonical_path": "profiles/small-saas/artifacts/control.namespace-per-tenant.yaml", "id": "small-saas/control/namespace-per-tenant", "imports": [ "model/security", "standard/caring" ], "kind": "profile-artifact", "owned_concepts": [ "Namespace Per Tenant Control" ], "relationships": [ { "target": "profile/small-saas", "type": "instantiates" }, { "target": "model/security", "type": "uses" }, { "target": "standard/caring", "type": "uses" }, { "target": "small-saas/evidence/access-review-2026-05", "type": "evidenced_by" } ], "source_path": "profiles/small-saas/artifacts/control.namespace-per-tenant.yaml", "summary": "Example artifact for the small-saas profile: Namespace Per Tenant Control.", "title": "Namespace Per Tenant Control", "warnings": [] }, { "canonical_path": "profiles/small-saas/artifacts/dataset.subscription-ledger.yaml", "id": "small-saas/dataset/subscription-ledger", "imports": [ "model/data" ], "kind": "profile-artifact", "owned_concepts": [ "Subscription Ledger Dataset" ], "relationships": [ { "target": "profile/small-saas", "type": "instantiates" }, { "target": "model/data", "type": "uses" }, { "target": "small-saas/service/billing-portal", "type": "owned_by" }, { "target": "small-saas/tenant/acme", "type": "partitioned_for" }, { "target": "small-saas/tenant/globex", "type": "partitioned_for" }, { "target": "small-saas/policy/tenant-isolation", "type": "governed_by" } ], "source_path": "profiles/small-saas/artifacts/dataset.subscription-ledger.yaml", "summary": "Example artifact for the small-saas profile: Subscription Ledger Dataset.", "title": "Subscription Ledger Dataset", "warnings": [] }, { "canonical_path": "profiles/small-saas/artifacts/deployment.production.yaml", "id": "small-saas/deployment/production", "imports": [ "model/devsecops", "model/network" ], "kind": "profile-artifact", "owned_concepts": [ "Production Deployment" ], "relationships": [ { "target": "profile/small-saas", "type": "instantiates" }, { "target": "model/devsecops", "type": "uses" }, { "target": "model/network", "type": "uses" }, { "target": "small-saas/service/billing-portal", "type": "deploys" }, { "target": "small-saas/tenant/acme", "type": "separates" }, { "target": "small-saas/tenant/globex", "type": "separates" }, { "target": "small-saas/control/namespace-per-tenant", "type": "implements" } ], "source_path": "profiles/small-saas/artifacts/deployment.production.yaml", "summary": "Example artifact for the small-saas profile: Production Deployment.", "title": "Production Deployment", "warnings": [] }, { "canonical_path": "profiles/small-saas/artifacts/evidence.access-review-2026-05.yaml", "id": "small-saas/evidence/access-review-2026-05", "imports": [ "model/observability" ], "kind": "profile-artifact", "owned_concepts": [ "Access Review 2026-05" ], "relationships": [ { "target": "profile/small-saas", "type": "instantiates" }, { "target": "model/observability", "type": "uses" } ], "source_path": "profiles/small-saas/artifacts/evidence.access-review-2026-05.yaml", "summary": "Example artifact for the small-saas profile: Access Review 2026-05.", "title": "Access Review 2026-05", "warnings": [] }, { "canonical_path": "profiles/small-saas/artifacts/incident.cross-tenant-access-attempt.yaml", "id": "small-saas/incident/cross-tenant-access-attempt", "imports": [ "model/security" ], "kind": "profile-artifact", "owned_concepts": [ "Cross-Tenant Access Attempt" ], "relationships": [ { "target": "profile/small-saas", "type": "instantiates" }, { "target": "model/security", "type": "uses" }, { "target": "small-saas/control/namespace-per-tenant", "type": "constrained_by" }, { "target": "small-saas/evidence/access-review-2026-05", "type": "evidenced_by" } ], "source_path": "profiles/small-saas/artifacts/incident.cross-tenant-access-attempt.yaml", "summary": "Example artifact for the small-saas profile: Cross-Tenant Access Attempt.", "title": "Cross-Tenant Access Attempt", "warnings": [] }, { "canonical_path": "profiles/small-saas/artifacts/policy.tenant-isolation.yaml", "id": "small-saas/policy/tenant-isolation", "imports": [ "model/governance", "small-saas/control/namespace-per-tenant" ], "kind": "profile-artifact", "owned_concepts": [ "Tenant Isolation Policy" ], "relationships": [ { "target": "profile/small-saas", "type": "instantiates" }, { "target": "model/governance", "type": "uses" }, { "target": "small-saas/control/namespace-per-tenant", "type": "requires" }, { "target": "small-saas/evidence/access-review-2026-05", "type": "evidenced_by" } ], "source_path": "profiles/small-saas/artifacts/policy.tenant-isolation.yaml", "summary": "Example artifact for the small-saas profile: Tenant Isolation Policy.", "title": "Tenant Isolation Policy", "warnings": [] }, { "canonical_path": "profiles/small-saas/artifacts/service.billing-portal.yaml", "id": "small-saas/service/billing-portal", "imports": [ "model/landscape" ], "kind": "profile-artifact", "owned_concepts": [ "Billing Portal Service" ], "relationships": [ { "target": "profile/small-saas", "type": "instantiates" }, { "target": "model/landscape", "type": "uses" }, { "target": "small-saas/system/billing-system", "type": "part_of" }, { "target": "small-saas/team/platform", "type": "owned_by" } ], "source_path": "profiles/small-saas/artifacts/service.billing-portal.yaml", "summary": "Example artifact for the small-saas profile: Billing Portal Service.", "title": "Billing Portal Service", "warnings": [] }, { "canonical_path": "profiles/small-saas/artifacts/system.billing-system.yaml", "id": "small-saas/system/billing-system", "imports": [ "model/landscape" ], "kind": "profile-artifact", "owned_concepts": [ "Small SaaS Billing System" ], "relationships": [ { "target": "profile/small-saas", "type": "instantiates" }, { "target": "model/landscape", "type": "uses" }, { "target": "small-saas/tenant/acme", "type": "serves" }, { "target": "small-saas/tenant/globex", "type": "serves" } ], "source_path": "profiles/small-saas/artifacts/system.billing-system.yaml", "summary": "Example artifact for the small-saas profile: Small SaaS Billing System.", "title": "Small SaaS Billing System", "warnings": [] }, { "canonical_path": "profiles/small-saas/artifacts/task.onboard-tenant.yaml", "id": "small-saas/task/onboard-tenant", "imports": [ "model/task" ], "kind": "profile-artifact", "owned_concepts": [ "Onboard Tenant" ], "relationships": [ { "target": "profile/small-saas", "type": "instantiates" }, { "target": "model/task", "type": "uses" }, { "target": "small-saas/team/platform", "type": "owned_by" }, { "target": "small-saas/tenant/acme", "type": "changes" }, { "target": "small-saas/policy/tenant-isolation", "type": "governed_by" } ], "source_path": "profiles/small-saas/artifacts/task.onboard-tenant.yaml", "summary": "Example artifact for the small-saas profile: Onboard Tenant.", "title": "Onboard Tenant", "warnings": [] }, { "canonical_path": "profiles/small-saas/artifacts/team.platform.yaml", "id": "small-saas/team/platform", "imports": [ "model/organization" ], "kind": "profile-artifact", "owned_concepts": [ "Platform Team" ], "relationships": [ { "target": "profile/small-saas", "type": "instantiates" }, { "target": "model/organization", "type": "uses" } ], "source_path": "profiles/small-saas/artifacts/team.platform.yaml", "summary": "Example artifact for the small-saas profile: Platform Team.", "title": "Platform Team", "warnings": [] }, { "canonical_path": "profiles/small-saas/artifacts/tenant.acme.yaml", "id": "small-saas/tenant/acme", "imports": [ "model/organization" ], "kind": "profile-artifact", "owned_concepts": [ "Acme Tenant" ], "relationships": [ { "target": "profile/small-saas", "type": "instantiates" }, { "target": "model/organization", "type": "uses" }, { "target": "small-saas/user/ada-admin", "type": "represented_by" }, { "target": "small-saas/control/namespace-per-tenant", "type": "isolated_by" } ], "source_path": "profiles/small-saas/artifacts/tenant.acme.yaml", "summary": "Example artifact for the small-saas profile: Acme Tenant.", "title": "Acme Tenant", "warnings": [] }, { "canonical_path": "profiles/small-saas/artifacts/tenant.globex.yaml", "id": "small-saas/tenant/globex", "imports": [ "model/organization" ], "kind": "profile-artifact", "owned_concepts": [ "Globex Tenant" ], "relationships": [ { "target": "profile/small-saas", "type": "instantiates" }, { "target": "model/organization", "type": "uses" }, { "target": "small-saas/control/namespace-per-tenant", "type": "isolated_by" } ], "source_path": "profiles/small-saas/artifacts/tenant.globex.yaml", "summary": "Example artifact for the small-saas profile: Globex Tenant.", "title": "Globex Tenant", "warnings": [] }, { "canonical_path": "profiles/small-saas/artifacts/user.ada-admin.yaml", "id": "small-saas/user/ada-admin", "imports": [ "model/access-control", "model/organization" ], "kind": "profile-artifact", "owned_concepts": [ "Ada Admin" ], "relationships": [ { "target": "profile/small-saas", "type": "instantiates" }, { "target": "model/organization", "type": "uses" }, { "target": "model/access-control", "type": "uses" }, { "target": "small-saas/team/platform", "type": "member_of" }, { "target": "small-saas/policy/tenant-isolation", "type": "has_access_under" }, { "target": "small-saas/evidence/access-review-2026-05", "type": "access_evidenced_by" } ], "source_path": "profiles/small-saas/artifacts/user.ada-admin.yaml", "summary": "Example artifact for the small-saas profile: Ada Admin.", "title": "Ada Admin", "warnings": [] }, { "canonical_path": "standards/caring/InfoTechCanonCaringAccessGovernanceStandard.md", "id": "standard/caring", "imports": [ "kernel/itc-core", "model/access-control", "model/data", "model/devsecops", "model/governance", "model/network", "model/observability", "model/organization", "model/security", "model/task", "standard/tagging" ], "kind": "standard", "owned_concepts": [ "CARINGAccessDescriptor", "CARINGAnalysisFitnessTest", "CARINGAnalysisProcedure", "CARINGCanonicalRole", "CARINGCapabilityProfile", "CARINGDeclaredAccessMap", "CARINGDerivedCapability", "CARINGEffectiveAccessMap", "CARINGExposureEvent", "CARINGExposureMode", "CARINGInducedAccess", "CARINGOrganizationRelation", "CARINGPlane", "CARINGRedesignProcedure", "CARINGRestrictionPrecedence", "InfoTechCanon CARING Access Governance Standard" ], "relationships": [ { "target": "kernel/itc-core", "type": "conforms_to" }, { "target": "model/organization", "type": "imports" }, { "target": "model/governance", "type": "imports" }, { "target": "model/access-control", "type": "imports" }, { "target": "model/security", "type": "imports" }, { "target": "model/data", "type": "imports" }, { "target": "model/devsecops", "type": "imports" }, { "target": "model/network", "type": "imports" }, { "target": "model/observability", "type": "imports" }, { "target": "model/task", "type": "imports" }, { "target": "standard/tagging", "type": "imports" } ], "source_path": "seeds/InfoTechCanonCaringAccessGovernanceStandard.md", "summary": "Cross-cutting canon standard: InfoTechCanon CARING Access Governance Standard.", "title": "InfoTechCanon CARING Access Governance Standard", "warnings": [] }, { "canonical_path": "standards/tagging/InfoTechCanonTaggingStandard.md", "id": "standard/tagging", "imports": [ "kernel/itc-core", "model/task" ], "kind": "standard", "owned_concepts": [ "InfoTechCanon Tagging Standard" ], "relationships": [ { "target": "kernel/itc-core", "type": "conforms_to" }, { "target": "model/task", "type": "imports" } ], "source_path": "seeds/InfoTechCanonTaggingStandard_RC1_seed.md", "summary": "Cross-cutting canon standard: InfoTechCanon Tagging Standard.", "title": "InfoTechCanon Tagging Standard", "warnings": [] } ], "schema": "info-tech-canon.retrieval-index.v1" }