Spanda

Smart Space Security

Identity, access control, trust verification, and audit for Smart Spaces & Ambient Intelligence.

Status: Experimental (scaffold) · Config: examples/solutions/smart-spaces/spanda.security.toml


Principles

  1. Verify before trust — Locks, cameras, and gateways must pass trust checks before access missions run.
  2. Least privilege — Occupants, visitors, and operators have capability-scoped grants in the entity graph.
  3. Tamper awareness — Device tamper signals block automation and escalate to operators.
  4. Audit everything — Access decisions and overrides append to assurance and audit logs.
  5. No silent bypass — Lockdown and emergency overrides require explicit approval or policy.

Security dimensions

Dimension Mechanism
Identity Human entities, certificates, API keys
Certificates Device attestation via trust framework
Encryption TLS on discovery, MQTT, REST bridges
Tamper detection spanda-tamper integration, device tree flags
Threat detection Anomaly on access patterns (spanda-anomaly)
Access control spanda-smart-locks, capability access_control
Trust verification spanda trust, package trust scores
Audit logging Platform events, compliance export

Access control model

Occupant / Visitor (human)
  → capabilities: [enter_zone, unlock_door, …]
  → certifications / expiry
  → trust_level

Door Lock (device)
  → provider: spanda-smart-locks | spanda-matter
  → requires_capability access_control
  → tamper_status

Missions that unlock doors or disable alarms require:


Lockdown mission

Triggered by operator or automated threat signal:

  1. Readiness — all perimeter locks reachable, cameras recording
  2. Deny visitor capabilities
  3. Notify security operator queue
  4. Produce assurance bundle with timestamped access denials

Example: floor_readiness.sd


Integration with home ecosystems

Home Assistant, Apple Home, and similar systems may remain the pairing authority. Spanda:


Compliance profiles

Deployment Profile hook
Hospital Medical compliance template + access audit
Hotel Guest access retention policy
Enterprise SOC2-oriented audit export
Residential Privacy-minimal retention

See compliance-profiles.md


CLI

spanda trust --config examples/solutions/smart-spaces/spanda.toml
spanda verify examples/solutions/smart-spaces/smart-home/night_mode.sd \
  --capabilities --traceability \
  --config examples/solutions/smart-spaces/spanda.toml