Add security architecture pattern infospace

This commit is contained in:
2026-05-19 07:12:07 +02:00
parent 3ca891de4a
commit 5bb4b40b86
81 changed files with 6836 additions and 0 deletions

View File

@@ -0,0 +1,44 @@
# Pattern: Tenant Audit Log View
Status: seed
Readiness target: RL4 regulated production
Primary owners: product repos, NetKingdom, Railiance platform
Genesis family: Detection and response
## Problem
Enterprise tenants need visibility into relevant security events without
being exposed to platform-only internals or other tenants' data.
## Context
Use this pattern for tenant admin portals, compliance exports, data
access events, privileged tenant actions, and platform actions that
affect a tenant.
## Forces
- Tenants need trust and accountability.
- Platform logs may contain sensitive internal details.
- Event redaction must preserve evidence value.
- Tenant exports require retention and integrity rules.
## Solution
Project central audit events into tenant-scoped views with explicit
visibility rules, redaction, retention, export controls, and access
authorization.
## Verification
- Tenants can see their own relevant events only.
- Platform-only fields are redacted or omitted.
- Tenant audit access is itself audited.
- Exports preserve integrity and retention rules.
## Related Patterns
- Central Audit Ledger.
- Security Event Taxonomy.
- Tenant Context Propagation.
- Object-Level Authorization Check.