Security & governance
This section covers identity, permissions, policy, traceability, and controlled operational change.
OpenFoundry mapping
services/auth-serviceservices/audit-service- gateway auth and audit middleware
- policy and RBAC contracts in
proto/auth/* - security-oriented smoke and workflow assumptions
Key concerns
- authentication and authorization
- role and policy models
- auditability
- semantic access control
- environment and deployment governance