awoooi/docs/security/SECURITY-ASSET-CONTROL-LEDGER.md
Your Name 87f1dc8dbc
fix(iwooos): mark the AI automation security closed loop
2026-06-18 15:00:58 +08:00
# IwoooS Security Asset Control Ledger

| Item | Content |
|------|---------|
| Date | 2026-06-18 |
| Status | `security_asset_control_ledger_ready_no_runtime_action` |
| Tool | `scripts/security/security-asset-control-ledger.py` |
| Snapshot | `docs/security/security-asset-control-ledger.snapshot.json` |
| Corresponding priority | P0-A asset / configuration master inventory |
| runtime gate | `0` |

## 1. Purpose

This ledger consolidates the security inventories, snapshots, owner gates, post-incident readback plans and the frontend anti-leak guard that IwoooS already has into one re-runnable "security asset control ledger". It answers:

1. Which hosts, public entry points, version sources, workflows, monitoring, Wazuh, Kali, backups, supply chain, AI agents and product runtimes have been brought into the security control view.
2. Which kind of owner packet and which redacted evidence refs each asset category still lacks.
3. Which actions must still stay at `0 / false` and must not be promoted automatically just because something is visible in the UI, a snapshot exists, or CD succeeded.

This document is not live host truth, and it is not an authorization for host repair, scanning, blocking, reload, restart, secret rotation, workflow dispatch, SOAR actions or production writes.

## 1.1 AI Automation Product Contract

The IwoooS security ledger is not a static CMDB, and it is not finished once hosts, services, Nginx, Wazuh, Kali, workflows and product pages have been listed in a table. AWOOOI is an AI automation product, so every security asset group must be convertible into an auditable automation unit.

Each security asset group must eventually be completed with at least:

| Automation field | Purpose |
|------------------|---------|
| `sensor_ref` | Identifies the signal source, e.g. Wazuh, Prometheus, SigNoz, Sentry, Gitea Actions, route smoke or a read-only snapshot. |
| `normalizer_ref` | Specifies how the raw signal is turned into a redacted event packet; raw payloads must never go straight to the frontend or Telegram. |
| `ai_lane` | Assigns the AI lane, e.g. intrusion triage, host resources, Nginx drift, supply chain, runtime gate, owner review. |
| `candidate_policy` | Defines which candidates the AI may produce: owner requests, dry-runs, patches / PRs, maintenance-window drafts or verifier plans. |
| `gate_contract` | Fixes `candidate_only`, `approval_required`, `runtime_write_gate=0/1` and the approval source. |
| `executor_boundary` | Lists explicitly the allowed executors and the forbidden actions, so that kill, restart, reload, firewall change or active scan never become the default. |
| `verifier_ref` | Points to the post-check, route smoke, Wazuh / SIEM readback, receipt readback, production health or no-write verification. |
| `learning_writeback_ref` | Points to the writeback into Timeline, KM, PlayBook, trust score, reports and frontend status. |

If an asset group lacks the fields above, it only counts as "brought into read-only visibility" and must not be declared as under completed AI automation control. This contract does not open the runtime gate; it only prevents raw alerts, UI visibility, owner drafts, CD success or read-only snapshots from later being mistaken for a genuine AI automation closed loop.

## 2. Fixed Summary

| Metric | Value |
|--------|-------|
| security asset groups | `16` |
| P0 asset groups | `14` |
| P1 asset groups | `2` |
| C0 groups | `14` |
| C1 groups | `2` |
| evidence refs | `64` |
| existing evidence refs | `64` |
| missing evidence refs | `0` |
| owner required fields | `24` |
| reviewer checks | `24` |
| outcome lanes | `10` |
| blocked actions | `44` |
| owner packet required | `16` |
| owner response received / accepted | `0 / 0` |
| live evidence accepted | `0` |
| runtime gate / action button | `0 / 0` |
| P0-A repo ledger completion | `100%` |
| IwoooS headline | still held at `64%` |

## 3. Asset Groups and Priority

| Priority | Group | Control scope | Next step |
|----------|-------|---------------|-----------|
| P0 | Nginx / Public Gateway / Route | public entry points, API, WebSocket, ACME, admin routes, Ollama proxy | Add live conf, rendered diff, `nginx -t`, route smoke, rollback owner |
| P0 | DNS / TLS / Certbot | domain, certificate path, ACME, renewal owner, TLS route | Add certificate coverage basis, expiry metadata, renewal owner, ACME route owner |
| P0 | Docker / systemd / Host Service | compose, systemd, repair-bot, port binding, process / persistence baseline | Add live hash, incident readback, restart window, rollback owner, post-check |
| P0 | SSH / Firewall / WireGuard / NodePort | SSH, known_hosts, sudoers, firewall, WireGuard, NetworkPolicy, NodePort | Add actor, before / after, impact, operator notification, restoration evidence |
| P0 | K8s / ArgoCD / GitOps | manifests, ArgoCD, RBAC, NetworkPolicy, CronJob, Velero | Add ArgoCD revision, health / sync, rendered diff, rollback revision, postcheck owner |
| P0 | Gitea Workflow / Runner / Secret Metadata | workflow, runner, deploy key, webhook, secret name parity, redaction guard | Add runner attestation, secret injection route, log redaction, Gitea run readback |
| P0 | Gitea / GitHub / Source Control | repo visibility, canonical refs, GitHub primary readiness, branch / tag / workflow boundary | Add owner response; must not automatically create repos, change visibility, sync refs or switch primary |
| P0 | Wazuh / Endpoint / SIEM | Wazuh manager, agent, FIM, rules / decoders, event refs, active response dry-run boundary | Add Wazuh health refs, agent refs, event refs and no-raw-payload attestation |
| P0 | Kali 112 / Assessment Tooling | Kali health, tool version, scope, finding envelope, maintenance window | Add scope ref, health ref, normalized finding envelope; active scan and `/execute` need separate approval |
| P0 | Monitoring / Alerting / Observability | Prometheus, Alertmanager, Telegram route, SigNoz, Sentry, Langfuse, no-false-green | Add route owner, receiver diff, receipt evidence, noise budget, reload owner |
| P0 | Backup / Restore / DR / Escrow | backup, restic, offsite, escrow, Velero, restore drill, retention | Add restore drill, offsite ref, escrow non-secret proof, retention runway, DR scorecard |
| P0 | Harbor / Registry / SBOM / Supply Chain | Harbor, registry, image tags, SBOM, Cosign, SLSA, dependency drift, CVE / KEV | Add SBOM / VEX / provenance intake, image signing, KEV / EPSS / exposure SLA |
| P0 | Public / Admin / API / Frontend Runtime | public URL, CORS, auth boundary, middleware, webhook, frontend env, i18n redaction | Add route owner, API readback, CORS diff, desktop / mobile smoke, bundle scan |
| P0 | AI Provider / Model Router / Agent Runtime | OpenClaw, Ollama, NemoTron, Hermes, Gemini, MCP / A2A, tool allowlist, cost / privacy | Add dry-run, benchmark, cost review, privacy review, fallback order, rollback owner |
| P1 | Product Surface / Runtime Route | AWOOOI, AwoooP, IwoooS, VibeWork, agent-bounty-protocol, StockPlatform, Tsenyang, Bitan | Add per-product owner, route, admin, API, backup, webhook, rollback and validation metrics |
| P1 | KM / PlayBook / Script / Schedule / Verifier | consolidation of incidents, approvals, repair candidates and manual handoffs into automation assets | Add incident / approval / manual handoff writeback contract |

## 4. Owner Packet Required Fields

Before an asset group can move from candidate to reviewer review, it must have at least:

`asset_group_id`, `asset_alias`, `owner_role`, `owner_team`, `business_impact`, `technical_scope`, `affected_routes_or_services`, `data_classification`, `redacted_evidence_refs`, `source_of_truth_ref`, `live_state_ref`, `config_diff_ref`, `monitoring_signal_ref`, `wazuh_or_siem_ref`, `kali_scope_ref`, `backup_restore_ref`, `supply_chain_ref`, `secret_absence_attestation`, `raw_payload_absence_attestation`, `maintenance_window`, `rollback_owner`, `postcheck_owner`, `followup_owner`, `decision_reason`

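As an added example (not the ledger tool's own code), the following checker applies the two contracts above: the section 1.1 automation fields with their closed-gate invariant, and the section 4 owner packet. The record layout, the `approval_source` key and the sample groups are constructed assumptions.

```python
AUTOMATION_FIELDS = (
    "sensor_ref", "normalizer_ref", "ai_lane", "candidate_policy",
    "gate_contract", "executor_boundary", "verifier_ref", "learning_writeback_ref",
)
OWNER_PACKET_FIELDS = (
    "asset_group_id", "asset_alias", "owner_role", "owner_team", "business_impact",
    "technical_scope", "affected_routes_or_services", "data_classification",
    "redacted_evidence_refs", "source_of_truth_ref", "live_state_ref",
    "config_diff_ref", "monitoring_signal_ref", "wazuh_or_siem_ref", "kali_scope_ref",
    "backup_restore_ref", "supply_chain_ref", "secret_absence_attestation",
    "raw_payload_absence_attestation", "maintenance_window", "rollback_owner",
    "postcheck_owner", "followup_owner", "decision_reason",
)
ATTESTATIONS = ("secret_absence_attestation", "raw_payload_absence_attestation")


def automation_status(group):
    """Section 1.1 rule: a group is an AI automation unit only when all eight
    fields are present and the gate contract keeps candidate_only / approval_required
    set with runtime_write_gate still 0; anything else is read-only visibility."""
    if any(not group.get(f) for f in AUTOMATION_FIELDS):
        return "read_only_visibility"
    gate = group["gate_contract"]
    closed = bool(gate.get("candidate_only") is True and gate.get("approval_required") is True
                  and gate.get("runtime_write_gate") == 0 and gate.get("approval_source"))
    return "ai_automation_unit" if closed else "read_only_visibility"


def owner_packet_gaps(packet):
    """Section 4 rule: lists every required field a packet still lacks before
    reviewer review; the two attestations must be literally True, not merely present."""
    gaps = [f for f in OWNER_PACKET_FIELDS if f not in packet]
    gaps += [f + ":not_attested" for f in ATTESTATIONS
             if f in packet and packet[f] is not True]
    return gaps


# Constructed sample records (assumptions, not data from the real snapshot).
WAZUH_GROUP = {f: "docs/security/example/" + f + ".md" for f in AUTOMATION_FIELDS}
WAZUH_GROUP["gate_contract"] = {"candidate_only": True, "approval_required": True,
                                "runtime_write_gate": 0, "approval_source": "owner"}
KALI_GROUP = {"sensor_ref": "kali-health-snapshot", "ai_lane": "assessment"}

if __name__ == "__main__":
    print(automation_status(WAZUH_GROUP), automation_status(KALI_GROUP))
```

A group whose gate contract flips `runtime_write_gate` to 1 drops back to read-only visibility under this rule, so a snapshot cannot upgrade itself by editing one field.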
## 5. Fixed Stop Line

The following items remain at `0 / false`:

- owner response received / accepted.
- live evidence accepted.
- runtime gate / action button.
- host write, SSH read, Nginx reload, firewall change, ArgoCD sync, workflow modification.
- secret value collection.
- Wazuh active response.
- Kali active scan / Kali `/execute`.
- Telegram send, SOAR action, auto block, production write.

## 6. Verification Command

```bash
python3 scripts/security/security-asset-control-ledger.py \
--root . \
--generated-at 2026-06-18T13:44:00+08:00 \
--output docs/security/security-asset-control-ledger.snapshot.json
```

## 7. Completion

| Task | Completion | Notes |
|------|------------|-------|
| P0-A repo-side security asset control ledger | `100%` | all 16 groups and 64 evidence refs matched |
| owner packet intake | `0%` | no owner response received or accepted yet |
| live evidence acceptance | `0%` | no SSH, no live host read, no Wazuh / Kali calls |
| runtime / response / containment | `0%` | no scanning, blocking, reload, restart, SOAR or auto block opened |