ISO/IEC 27001:2022 specifies requirements for establishing, implementing, maintaining, and continually improving an information security management system (ISMS). Annex A provides a reference set of controls. QP Conduit provides infrastructure-level capabilities that support controls in the technological and organizational control categories for internal service networking.

Technological controls (Annex A.8):

| Control | Title | How Conduit Addresses It |
|---|---|---|
| A.8.9 | Configuration management | services.json maintains the authoritative service registry. The generated Caddyfile defines all routing rules. DNS entries are managed via dnsmasq configuration. All state lives in documented, structured files under the Conduit config directory. |
| A.8.15 | Logging | Every operation writes a structured JSON entry to audit.log with timestamp, action, status, message, user, and details. Error traps capture failures with script name and line number. |
| A.8.16 | Monitoring activities | conduit-status.sh performs active health checks on every registered service: health status, TLS certificate expiry, and DNS resolution. conduit-monitor.sh provides CPU, memory, disk, GPU utilization, and Docker container statistics. |
| A.8.20 | Networks security | Internal DNS (dnsmasq) resolves service names locally. No DNS queries leave the infrastructure. Caddy reverse proxy routes traffic to registered upstreams only. All internal traffic is encrypted with TLS 1.3. |
| A.8.21 | Security of network services | Caddy reverse proxy terminates TLS for every registered service. Each service receives its own certificate from the internal Ed25519 CA. conduit-dns.sh --resolve provides resolution verification. Health checks detect service unavailability. |
| A.8.24 | Use of cryptography | Internal CA: Ed25519 (FIPS 186-5). TLS 1.3: X25519 key exchange, AES-256-GCM (FIPS 197). Audit sealing: SHA3-256 (FIPS 202) + Ed25519. No deprecated algorithms (no SHA-1, MD5, RSA, DES, 3DES, RC4, TLS < 1.3). |
| A.8.25 | Secure development lifecycle | Input validation via strict regex ([a-zA-Z0-9_-]) for all service names. set -euo pipefail with ERR traps in all scripts. Zero use of eval in the codebase. |
| A.8.26 | Application security requirements | Per-service TLS certificates signed by the internal Ed25519 CA. Certificate SANs include the service FQDN. TLS 1.3 only (no fallback to older versions). |
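
As an added illustration of the A.8.15 and A.8.25 rows (example code, not Conduit's own scripts), the bash skeleton below combines strict mode, an ERR trap that records script name and line number, the service-name allow-list regex, and one structured JSON audit record per operation. CONDUIT_AUDIT_LOG, the /tmp default path and the function names audit_log, on_error, validate_service_name and register_service are assumptions made for this example.

```bash
#!/usr/bin/env bash
# Added example, not Conduit's own code: the defensive-scripting pattern the
# A.8.15 and A.8.25 rows describe. Strict mode, an ERR trap that records the
# failing script and line, a strict service-name allow-list, and one JSON
# audit record per operation. CONDUIT_AUDIT_LOG and the /tmp default are
# assumptions; the real tool keeps audit.log under the Conduit config directory.
set -euo pipefail

AUDIT_LOG="${CONDUIT_AUDIT_LOG:-${TMPDIR:-/tmp}/conduit-audit.log}"
SERVICE_NAME_RE='^[a-zA-Z0-9_-]+$'   # character class from the A.8.25 row

# Escape backslashes and double quotes so a message cannot break the record.
json_escape() { printf '%s' "$1" | sed -e 's/\\/\\\\/g' -e 's/"/\\"/g'; }

# audit_log ACTION STATUS MESSAGE [DETAILS]: append one JSON line carrying
# the fields listed in the A.8.15 row.
audit_log() {
  local action="$1" status="$2" message="$3" details="${4:-}"
  printf '{"timestamp":"%s","action":"%s","status":"%s","message":"%s","user":"%s","details":"%s"}\n' \
    "$(date -u +%Y-%m-%dT%H:%M:%SZ)" "$(json_escape "$action")" \
    "$(json_escape "$status")" "$(json_escape "$message")" \
    "$(json_escape "${SUDO_USER:-${USER:-unknown}}")" \
    "$(json_escape "$details")" >> "$AUDIT_LOG"
}

# ERR trap: record script name and line of the failing command before
# set -e terminates the script, so the log says where it died.
on_error() {
  local src="${BASH_SOURCE[0]:-$0}"
  audit_log "script_error" "failure" "command failed" "script=${src##*/} line=$1"
}
trap 'on_error "$LINENO"' ERR

# validate_service_name NAME: 0 if NAME matches the allow-list, 1 otherwise.
# Dots, slashes, spaces and shell metacharacters are all rejected, which is
# what makes a name safe to splice into a Caddyfile block or a dnsmasq entry.
validate_service_name() { [[ "$1" =~ $SERVICE_NAME_RE ]]; }

# register_service NAME: the gate a registration script runs first; writes a
# rejected or success record and returns 1 or 0 accordingly.
register_service() {
  local name="$1"
  if ! validate_service_name "$name"; then
    audit_log "register" "rejected" "invalid service name" "name=${name}"
    return 1
  fi
  audit_log "register" "success" "service registered" "name=${name}"
}
```

Source the file and call register_service with a valid and an invalid name, then read the last two lines of "$AUDIT_LOG" to see the success and rejected records side by side.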

Organizational controls (Annex A.5):

| Control | Title | How Conduit Addresses It |
|---|---|---|
| A.5.15 | Access control | Service routing is explicit: conduit-register.sh grants access, conduit-deregister.sh revokes it. No implicit trust, no wildcard routing. Deregistered services are marked inactive with timestamps. |
| A.5.23 | Information security for use of cloud services | Conduit is air-gap compatible with zero runtime internet dependencies. No telemetry, analytics, or license server. All certificates are issued locally. Internal DNS resolves locally. |
| A.5.28 | Collection of evidence | audit.log provides structured JSON records of all operations. Capsule Protocol integration provides tamper-evident sealing with SHA3-256 + Ed25519. Hash chain verification confirms completeness. Deregistered services are archived, never deleted. |

Cryptographic algorithms and FIPS status by layer:

| Layer | Algorithm | Standard | FIPS Status |
|---|---|---|---|
| Internal CA | Ed25519 | FIPS 186-5 | FIPS-approved |
| TLS key exchange | X25519 | RFC 7748 | Not FIPS-validated |
| TLS bulk encryption | AES-256-GCM | FIPS 197 / SP 800-38D | FIPS-approved |
| Audit sealing | SHA3-256 + Ed25519 | FIPS 202, FIPS 186-5 | FIPS-approved |
| TLS implementation | Go crypto/tls | RFC 8446 | Not FIPS-validated |

Key management: conduit-certs.sh --rotate provides certificate rotation with audit logging. Per-service certificates are issued at registration time. conduit-certs.sh --inspect enables review of certificate details. conduit-certs.sh --trust installs the CA in the system trust store.

In summary, Conduit provides:

- TLS 1.3 encryption on all internal service traffic
- Internal DNS with no external query leakage
- Managed network access control point (Caddy reverse proxy)
- Structured audit logging with optional tamper-evident sealing
- Certificate lifecycle management (issuance, rotation, inspection, trust)
- Active health monitoring with DNS and TLS expiry checks
- Hardware and container monitoring
- Input validation and defensive scripting
- Air-gap compatible operation with zero telemetry

The following ISO 27001 controls and capabilities are outside Conduit's scope:
- A.5.1 through A.5.14 Information security policies, roles, segregation of duties: organizational
- A.5.29 through A.5.37 Supplier relationships, business continuity, legal compliance: organizational
- A.6 People controls: HR security, awareness, disciplinary process
- A.7 Physical controls: physical security perimeters, equipment protection
- A.8.2 through A.8.4 Privileged access rights, information access restriction: application-level
- A.8.6 through A.8.8 Capacity management, malware protection, vulnerability management: infrastructure-level
- A.8.10 through A.8.12 Information deletion, data masking, data leakage prevention: application-level
- User identity management and multi-factor authentication: application-level (QP Core)
- FIPS-validated TLS implementation: not provided by default; compile Caddy with BoringCrypto or use a FIPS-validated TLS terminator