Let's consider a bullseye with the following concentric circles:

- Ring 0: small, simple systems
  - Single jurisdiction
  - Email + password
  - A few roles
  - Naïve or soft deletion
  - Minimal audit needs

- Ring 1: grown-up systems
  - Long-lived data
  - Changing requirements
  - Shared accounts
  - GDPR-style erasure/anonymization
  - Some cross-border concerns
  - Historical data must remain usable
  - “Oops, we should have thought about that” moments

- Ring 2: heavy compliance
  - Formal audit trails
  - Legal hold
  - Non-repudiation
  - Regulatory reporting
  - Strong identity guarantees
  - Jurisdiction-aware data partitioning

- Ring 3: banking / defense / healthcare at scale
  - Cryptographic auditability
  - Append-only ledgers
  - Explicit legal models
  - Independent compliance teams
  - Lawyers embedded in engineering

diachron is designed to be suitable for Rings 0 and 1. Occasionally we may
look over the fence into Ring 2, but it's not what we've principally designed
for. Please take this framing into account when evaluating diachron for
greenfield projects.