Identity, access control, trust verification, and audit for Smart Spaces & Ambient Intelligence.
Status: Experimental (scaffold) · Config:
examples/solutions/smart-spaces/spanda.security.toml
| Dimension | Mechanism |
|---|---|
| Identity | Human entities, certificates, API keys |
| Certificates | Device attestation via trust framework |
| Encryption | TLS on discovery, MQTT, REST bridges |
| Tamper detection | spanda-tamper integration, device tree flags |
| Threat detection | Anomaly on access patterns (spanda-anomaly) |
| Access control | spanda-smart-locks, capability access_control |
| Trust verification | spanda trust, package trust scores |
| Audit logging | Platform events, compliance export |
Occupant / Visitor (human)
→ capabilities: [enter_zone, unlock_door, …]
→ certifications / expiry
→ trust_level
Door Lock (device)
→ provider: spanda-smart-locks | spanda-matter
→ requires_capability access_control
→ tamper_status
Missions that unlock doors or disable alarms require:
Triggered by operator or automated threat signal:
Example: floor_readiness.sd
Home Assistant, Apple Home, and similar systems may remain the pairing authority. Spanda:
spanda-home-assistant or Matter| Deployment | Profile hook |
|---|---|
| Hospital | Medical compliance template + access audit |
| Hotel | Guest access retention policy |
| Enterprise | SOC2-oriented audit export |
| Residential | Privacy-minimal retention |
spanda trust --config examples/solutions/smart-spaces/spanda.toml
spanda verify examples/solutions/smart-spaces/smart-home/night_mode.sd \
--capabilities --traceability \
--config examples/solutions/smart-spaces/spanda.toml