Architecture Decisions
This page indexes the Architecture Decision Records (ADRs) and key design documents for TriOnyx.
Design Documents
| Document |
Description |
| Security Model |
Three-axis risk model (taint, sensitivity, capability), enforcement layers, violation detection |
| Architecture |
System architecture overview |
Architecture Decision Records
| ADR |
Decision |
| 001 |
Information is the threat, not capability |
| 002 |
Elixir/OTP for the gateway |
| 003 |
Python for the agent runtime and connector |
| 004 |
Go FUSE driver for filesystem policy enforcement |
| 005 |
Bandwidth restriction as taint containment |
| 006 |
Gateway as sole credential holder with automatic sensitivity |
| 007 |
Independent Biba and Bell-LaPadula violation detection |
| 008 |
Risk manifest for file-level provenance tracking |
| 009 |
Graph analysis for transitive risk propagation |
| 010 |
The lethal trifecta -- taint, sensitivity, and capability |