smoa/README.md

# Secure Mobile Operations Application (SMOA)

**Android Foldable Devices – Online / Offline Mission Operations**

## Overview

SMOA is a hardened Android-based application designed for deployment on approved foldable mobile devices. The application enables identity presentation, secure internal routing, and mission communications in connected, disconnected, and degraded environments, while enforcing multi-factor authentication, dual biometric verification, and cryptographic data protection.

## Project Structure

```
smoa/
├── app/                          # Main application module
├── core/                         # Core modules
│   ├── auth/                     # Authentication framework
│   ├── security/                 # Security infrastructure
│   ├── common/                   # Common utilities
│   ├── barcode/                  # PDF417 barcode generation
│   ├── as4/                      # AS4 gateway messaging
│   ├── eidas/                    # eIDAS compliance
│   ├── signing/                  # Digital signatures & seals
│   └── certificates/             # Certificate management
├── modules/                      # Feature modules
│   ├── credentials/              # Issued credentials
│   ├── directory/                # Internal directory
│   ├── communications/           # Unit communications
│   ├── meetings/                 # Secure meetings
│   ├── browser/                  # Controlled browser
│   ├── orders/                   # Orders management
│   ├── evidence/                 # Evidence chain of custody
│   ├── reports/                  # Report generation
│   ├── atf/                      # ATF form support
│   ├── ncic/                     # NCIC/III integration
│   ├── military/                 # Military operations
│   ├── judicial/                 # Judicial operations
│   └── intelligence/             # Intelligence operations
└── docs/                         # Documentation
```

## Features

### Authentication & Security
- Three-factor authentication (PIN + Fingerprint + Facial Recognition)
- Hardware-backed encryption
- Session management
- RBAC framework
- Policy management

### Functional Modules
- **Credentials**: Digital credential presentation with PDF417 barcodes
- **Orders**: Digital orders management with workflow
- **Evidence**: Chain of custody tracking per NIST SP 800-88
- **Reports**: Multi-format report generation (PDF, XML, JSON, CSV)
- **ATF**: ATF form support (4473, Form 1, Form 4)
- **NCIC**: NCIC/III database integration
- **Military**: MIL-STD credential support and classification
- **Judicial**: Court orders, case files, subpoenas
- **Intelligence**: Compartmented access control and source protection

### Compliance Standards
- PDF417 barcode (ISO/IEC 15438)
- AS4 gateway (OASIS AS4 Profile 1.0)
- eIDAS qualified signatures
- ISO 8601 date formatting
- ISO 3166 country codes
- NIST SP 800-88 (evidence handling)
- CJIS Security Policy (NCIC)
- DODI 8500.01 (military security)

## Building

```bash
./gradlew build
```

## Requirements

- Android Studio Hedgehog or later
- JDK 17
- Android SDK 24+ (minimum), 34 (target)
- Gradle 8.2+

## Documentation

See the `docs/` directory for comprehensive documentation:

### Core Documentation
- `reference/SPECIFICATION.md` - Application specification
- `reference/COMPLIANCE_MATRIX.md` - Compliance status matrix
- `reference/COMPLIANCE_EVALUATION.md` - Detailed compliance assessment
- `reference/IMPLEMENTATION_REQUIREMENTS.md` - Technical requirements
- `status/IMPLEMENTATION_STATUS.md` - Current implementation status

### Project Reports
- `reports/completion/` - All completion and progress reports
  - `PROJECT_REVIEW.md` - Comprehensive project review and gap analysis
  - `PROJECT_REVIEW_SUMMARY.md` - Executive summary
  - `FINAL_COMPLETION_REPORT.md` - Final completion report
  - `COMPLETE_IMPLEMENTATION_REPORT.md` - Complete implementation report
  - And other completion/progress reports

### Documentation Index
- `docs/README.md` - Complete documentation index and navigation guide
- `docs/DOCUMENTATION_RECOMMENDATIONS.md` - Documentation organization recommendations

## Implementation Status

### ✅ Phase 1 Critical Features - 100% Complete

**Security Features:**
- ✅ Screenshot & screen recording prevention
- ✅ VPN integration and enforcement
- ✅ True dual biometric authentication (PIN + Fingerprint + Facial)
- ✅ Database encryption with SQLCipher
- ✅ Hardware-backed key storage

**Functional Modules:**
- ✅ Directory module (complete)
- ✅ Browser module (complete)
- ✅ Communications module (framework complete)
- ✅ Meetings module (framework complete)
- ✅ Credentials, Orders, Evidence, Reports (existing)

**Infrastructure:**
- ✅ Offline synchronization service
- ✅ WebRTC framework
- ✅ Complete dependency injection
- ✅ Navigation framework
- ✅ Test infrastructure (27+ test cases)

### Test Coverage
- **Test Files:** 7 files
- **Test Cases:** 27+ test cases
- **Modules Tested:** 6 modules
- **Coverage:** Foundation complete

### Code Quality
- ✅ Zero linter errors
- ✅ All dependencies configured
- ✅ Architecture patterns followed

## License

Proprietary - Government Use Only