Security Model
Security is a foundational design requirement within the Oryvin ecosystem. Identity, authorization, network boundaries, and operational governance are treated as architectural concerns, not later add-ons.
Security philosophy
Identity-centered security
Access to protected services is mediated through authenticated identities, typically using a centralized identity provider and token-based access.
Role-based access control
Authorization decisions are based on roles assigned to authenticated users or service identities.
Controlled service exposure
Backend services are exposed through controlled proxy boundaries rather than being published directly.
Simple keyed access where appropriate
Not every service needs the same access model. Oryvin intentionally uses simpler keyed access for narrow artifact workflows where a full user-facing identity model would add complexity without adding value.
Practical service model
The current service pattern is:
- WEIC uses authenticated identities and role-based authorization
- Origin uses controlled access appropriate to source retrieval and packaging
- DropBoxMini uses API key based access for protected artifact operations
- Looker uses tokens to traverse protected surfaces and API keys to publish evidence artifacts
- Orchestrator uses the credentials or keys required for the systems it acts upon
Public and protected endpoints
Oryvin uses a deliberate split between a public health endpoint and protected operational functions.
The common rule is:
- /health is public
- other operational endpoints require authentication or an API key
This allows deployment and runtime diagnostics to remain easy to verify while still protecting operational capabilities.
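The common rule above, together with the token-versus-API-key split in the service model, written as one authorization decision function. This is an added example, not Oryvin's own code: the header names, the verify_token callback standing in for the centralized identity provider, and the sample keys are assumptions.

```python
import hmac
import posixpath
from dataclasses import dataclass
from typing import Callable, Mapping, Optional

# The only endpoint reachable without credentials (the page's common rule).
PUBLIC_PATHS = frozenset({"/health"})

# Constructed sample API keys -> service identity (not real keys).
API_KEYS = {"dbm-example-key-1": "dropboxmini-publisher"}


@dataclass(frozen=True)
class Decision:
    allowed: bool
    principal: str  # identity to record in audit logs
    reason: str


def normalize_path(raw: str) -> str:
    """Drop the query string and collapse '.'/'..' so that a path such as
    '/health/../jobs' cannot ride through as the public health check."""
    path = raw.split("?", 1)[0]
    if not path.startswith("/"):
        path = "/" + path
    return posixpath.normpath(path)


def authorize(path: str, headers: Mapping[str, str],
              verify_token: Callable[[str], Optional[str]],
              api_keys: Mapping[str, str] = API_KEYS) -> Decision:
    """/health is public; anything else needs an authenticated identity
    (bearer token, assumed to be validated by verify_token) or an API key."""
    if normalize_path(path) in PUBLIC_PATHS:
        return Decision(True, "anonymous", "public endpoint")
    lowered = {k.lower(): v for k, v in headers.items()}  # header names are case-insensitive
    auth = lowered.get("authorization", "")
    if auth.startswith("Bearer "):
        principal = verify_token(auth[len("Bearer "):])
        if principal:
            return Decision(True, principal, "bearer token")
        return Decision(False, "anonymous", "invalid bearer token")
    key = lowered.get("x-api-key")
    if key is not None:
        for known, service in api_keys.items():
            # constant-time comparison so key checks do not leak by timing
            if hmac.compare_digest(key.encode(), known.encode()):
                return Decision(True, service, "api key")
        return Decision(False, "anonymous", "unknown api key")
    return Decision(False, "anonymous", "no credentials")  # fail closed
```

Every denial carries a reason so the proxy layer can log why a request was refused without exposing the detail to the caller.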
Infrastructure assumptions
The security architecture assumes:
- centralized identity management
- hardened system configurations
- controlled network boundaries
- monitored service exposure
Services are designed to operate within that controlled environment.