d-bis/smoa
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
5a8c26cf5d541e5d3a315f6859de4874ab300ee5
smoa/README.md
defiQUG 5a8c26cf5d Backend, sync, infra, docs: ETag, API versioning, k8s, web scaffold, Android 16, domain stubs 
- Backend: ShallowEtagHeaderFilter for /api/v1/*, API-VERSIONING.md, README (tenant, CORS, Flyway, ETag)
- k8s: backend-deployment.yaml (Deployment, Service, Secret/ConfigMap)
- Web: scaffold with directory pull, 304 handling, touch-friendly UI
- Android 16: ANDROID-16-TARGET.md; BuildConfig STUN/signaling, SMOAApplication configures InfrastructureManager
- Domain: CertificateManager revocation stub, ReportService signReports, ZeroTrust/ThreatDetection minimal docs
- TODO.md and IMPLEMENTATION_STATUS.md updated; communications README for endpoint config

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-10 20:37:01 -08:00

148 lines
5.5 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# Secure Mobile Operations Application (SMOA)
**Android Foldable Devices Online / Offline Mission Operations**
> **Constitutional Status**: This repository implements **SMOA**, a Tier-1 canonical sovereign system. See [NOTICE.md](./NOTICE.md) and [CANONICAL_CONSTITUTION.md](../CANONICAL_CONSTITUTION.md) for details.
## Overview
SMOA is a hardened Android-based application designed for deployment on approved foldable mobile devices. The application enables identity presentation, secure internal routing, and mission communications in connected, disconnected, and degraded environments, while enforcing multi-factor authentication, dual biometric verification, and cryptographic data protection.
## Project Structure
```
smoa/
├── app/ # Main application module
├── core/ # Core modules
│ ├── auth/ # Authentication framework
│ ├── security/ # Security infrastructure
│ ├── common/ # Common utilities
│ ├── barcode/ # PDF417 barcode generation
│ ├── as4/ # AS4 gateway messaging
│ ├── eidas/ # eIDAS compliance
│ ├── signing/ # Digital signatures & seals
│ └── certificates/ # Certificate management
├── modules/ # Feature modules
│ ├── credentials/ # Issued credentials
│ ├── directory/ # Internal directory
│ ├── communications/ # Unit communications
│ ├── meetings/ # Secure meetings
│ ├── browser/ # Controlled browser
│ ├── orders/ # Orders management
│ ├── evidence/ # Evidence chain of custody
│ ├── reports/ # Report generation
│ ├── atf/ # ATF form support
│ ├── ncic/ # NCIC/III integration
│ ├── military/ # Military operations
│ ├── judicial/ # Judicial operations
│ └── intelligence/ # Intelligence operations
└── docs/ # Documentation
```
## Features
### Authentication & Security
- Three-factor authentication (PIN + Fingerprint + Facial Recognition)
- Hardware-backed encryption
- Session management
- RBAC framework
- Policy management
### Functional Modules
- **Credentials**: Digital credential presentation with PDF417 barcodes
- **Orders**: Digital orders management with workflow
- **Evidence**: Chain of custody tracking per NIST SP 800-88
- **Reports**: Multi-format report generation (PDF, XML, JSON, CSV)
- **ATF**: ATF form support (4473, Form 1, Form 4)
- **NCIC**: NCIC/III database integration
- **Military**: MIL-STD credential support and classification
- **Judicial**: Court orders, case files, subpoenas
- **Intelligence**: Compartmented access control and source protection
### Compliance Standards
- PDF417 barcode (ISO/IEC 15438)
- AS4 gateway (OASIS AS4 Profile 1.0)
- eIDAS qualified signatures
- ISO 8601 date formatting
- ISO 3166 country codes
- NIST SP 800-88 (evidence handling)
- CJIS Security Policy (NCIC)
- DODI 8500.01 (military security)
## Building
```bash
./gradlew build
```
## Requirements
- Android Studio Hedgehog or later
- JDK 17
- Android SDK 24+ (minimum), 34 (target)
- Gradle 8.2+
## Documentation
See the `docs/` directory for comprehensive documentation:
### Core Documentation
- `reference/SPECIFICATION.md` - Application specification
- `reference/COMPLIANCE_MATRIX.md` - Compliance status matrix
- `reference/COMPLIANCE_EVALUATION.md` - Detailed compliance assessment
- `reference/IMPLEMENTATION_REQUIREMENTS.md` - Technical requirements
- `status/IMPLEMENTATION_STATUS.md` - Current implementation status
### Project Reports
- `reports/completion/` - All completion and progress reports
- `PROJECT_REVIEW.md` - Comprehensive project review and gap analysis
- `PROJECT_REVIEW_SUMMARY.md` - Executive summary
- `FINAL_COMPLETION_REPORT.md` - Final completion report
- `COMPLETE_IMPLEMENTATION_REPORT.md` - Complete implementation report
- And other completion/progress reports
### Documentation Index
- `docs/README.md` - Complete documentation index and navigation guide
- `docs/DOCUMENTATION_RECOMMENDATIONS.md` - Documentation organization recommendations
## Implementation Status
### ✅ Phase 1 Critical Features - 100% Complete
**Security Features:**
- ✅ Screenshot & screen recording prevention
- ✅ VPN integration and enforcement
- ✅ True dual biometric authentication (PIN + Fingerprint + Facial)
- ✅ Database encryption with SQLCipher
- ✅ Hardware-backed key storage
**Functional Modules:**
- ✅ Directory module (complete)
- ✅ Browser module (complete)
- ✅ Communications module (framework complete)
- ✅ Meetings module (framework complete)
- ✅ Credentials, Orders, Evidence, Reports (existing)
**Infrastructure:**
- ✅ Offline synchronization service
- ✅ WebRTC framework
- ✅ Complete dependency injection
- ✅ Navigation framework
- ✅ Test infrastructure (27+ test cases)
### Test Coverage
- **Test Files:** 7 files
- **Test Cases:** 27+ test cases
- **Modules Tested:** 6 modules
- **Coverage:** Foundation complete
### Code Quality
- ✅ Zero linter errors
- ✅ All dependencies configured
- ✅ Architecture patterns followed
## License
Proprietary - Government Use Only
Reference in New Issue View Git Blame Copy Permalink