[{"data":1,"prerenderedAt":53},["ShallowReactive",2],{"arch-deep-/architecture/security":3},{"id":4,"title":5,"body":6,"category":42,"deepPage":43,"description":44,"extension":45,"layer":46,"meta":47,"navigation":48,"path":43,"relatedFlows":49,"replaces":49,"seo":50,"stem":51,"__hash__":52},"architecture/architecture/security.md","Security and Compliance",{"type":7,"value":8,"toc":35},"minimark",[9,13,18,21,25,28,32],[10,11,12],"p",{},"The operating layer runs on infrastructure controlled by the building owner. Apareé operates within scoped service accounts, against a defined behavioral specification, with no access to data the building has not explicitly granted. Security is not a feature of the operating layer — it is a property of the ownership model.",[14,15,17],"h2",{"id":16},"data-governance","Data governance",[10,19,20],{},"Resident data is owned by the building. The operating layer stores it in the building's cloud tenancy under the building's identity provider. Access to resident records is gated by role-based permissions defined in the deployment agreement. Apareé's bureau staff have no standing access; bureau access is opportunistic, scoped, audited, and revocable by the owner at any time.",[14,22,24],{"id":23},"encryption-and-access-control","Encryption and access control",[10,26,27],{},"Data at rest is encrypted using keys held in the owner's key management service. Data in transit is encrypted end-to-end between the resident app, the edge gateway, and the cloud. Service-to-service authentication uses short-lived tokens scoped to specific operations. The principle is consistent across the stack: the smallest possible privilege, the shortest possible duration, the clearest possible audit trail.",[14,29,31],{"id":30},"compliance-posture","Compliance posture",[10,33,34],{},"The operating layer is designed to operate under GDPR and equivalent regional data-protection regimes. Residents have rights of access, correction, portability, and erasure; the operating layer exposes these rights as first-class workflows. Data residency follows the building — a building in the EU runs on EU-hosted infrastructure with EU-resident data, regardless of which bureau operates the warranty. Detailed compliance documentation is provided as part of the deployment package.",{"title":36,"searchDepth":37,"depth":37,"links":38},"",2,[39,40,41],{"id":16,"depth":37,"text":17},{"id":23,"depth":37,"text":24},{"id":30,"depth":37,"text":31},"hardware","/architecture/security","Data governance, GDPR posture, encryption, access control, and the compliance boundary between the bureau and the building.","md","7",{},true,null,{"title":5,"description":44},"architecture/security","CkztcK6pvZKHvpzOshaMl6-IQ6uARmBfy3POFLWNUvs",1779718756836]