This page maps Open Sesame’s security controls to specific requirements in NIST 800-53,
DISA STIG, PCI-DSS, SOC 2, and FedRAMP. Controls that are fully implemented cite the source
crate or configuration. Controls that depend on design-intent features are marked accordingly.
| Control | Title | Open Sesame Mechanism | Status |
|---|---|---|---|
| AC-3 | Access Enforcement | SecurityLevel clearance hierarchy (core-types/src/security.rs): Open < Internal < ProfileScoped < SecretsOnly. Each daemon registers at a clearance level; messages are routed only to peers at sufficient clearance. CapabilitySet enforces per-agent authorization. | Implemented |
| AC-4 | Information Flow Enforcement | IPC bus enforces sender clearance: a daemon cannot emit messages above its own SecurityLevel. Recipient filtering ensures low-clearance daemons never receive high-clearance messages (core-ipc/src/server.rs). | Implemented |
| AC-6 | Least Privilege | Per-daemon Landlock filesystem sandboxing, seccomp-bpf syscall allowlists, systemd NoNewPrivileges=yes, empty capability bounding set, ProtectSystem=strict. | Implemented |
| AC-6(1) | Authorize Access to Security Functions | Capability::Admin, Capability::Unlock, Capability::Lock restricted to agents with explicit grants. Delegation narrows scope via CapabilitySet.intersection(). | Implemented |
| AC-6(9) | Log Use of Privileged Functions | BLAKE3 hash-chained audit log records all vault operations (core-profile). | Implemented |
| AC-17 | Remote Access | Noise IK mutual authentication for all IPC. SSH agent forwarding for remote vault unlock. PrivateNetwork=yes on secrets daemon. | Implemented |
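The AC-3/AC-4 rules above (a daemon may not emit above its own clearance; only peers at or above the message level receive it) and the AC-6(1) intersection rule, modelled as an added example. This is illustrative code, not Open Sesame's implementation; the daemon names, capability strings and the IpcBus/delegate helpers are constructed assumptions.

```python
from dataclasses import dataclass, field
from enum import IntEnum


class SecurityLevel(IntEnum):
    """Clearance ordering as stated for core-types/src/security.rs."""
    OPEN = 0
    INTERNAL = 1
    PROFILE_SCOPED = 2
    SECRETS_ONLY = 3


class ClearanceViolation(Exception):
    pass


@dataclass
class IpcBus:
    """Toy model of the bus rules (assumed helper; daemon names are constructed)."""
    clearance: dict = field(default_factory=dict)  # daemon name -> SecurityLevel

    def register(self, daemon: str, level: SecurityLevel) -> None:
        self.clearance[daemon] = level

    def publish(self, sender: str, level: SecurityLevel) -> list:
        # AC-4: a sender may not emit a message above its own clearance.
        if level > self.clearance[sender]:
            raise ClearanceViolation(
                f"{sender} ({self.clearance[sender].name}) cannot emit {level.name}")
        # AC-3: deliver only to peers registered at or above the message level.
        return sorted(d for d, c in self.clearance.items() if d != sender and c >= level)


def delegate(parent_caps: frozenset, requested: frozenset) -> frozenset:
    """AC-6(1): a delegated grant is the intersection of the parent's capabilities
    and the request, so delegation can only narrow scope (models CapabilitySet.intersection())."""
    return parent_caps & requested


def sample_bus() -> IpcBus:
    """Constructed topology: four daemons registered at distinct clearance levels."""
    bus = IpcBus()
    for name, level in [("ui", SecurityLevel.OPEN), ("agent-bridge", SecurityLevel.INTERNAL),
                        ("profile", SecurityLevel.PROFILE_SCOPED),
                        ("secrets", SecurityLevel.SECRETS_ONLY)]:
        bus.register(name, level)
    return bus
```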
| Control | Title | Open Sesame Mechanism | Status |
|---|---|---|---|
| AU-2 | Event Logging | Structured JSON logging (global.logging.json = true), journald integration. Events include: unlock/lock, secret CRUD, profile activation, daemon lifecycle. | Implemented |
| AU-3 | Content of Audit Records | Each entry includes: timestamp, agent identity, operation, profile, security level. AgentIdentity provides agent type, delegation chain, attestations. | Implemented |
| AU-10 | Non-repudiation | BLAKE3 hash-chained audit log. Each entry's hash chains to the previous. sesame audit verify detects tampering. | Implemented |
| AU-11 | Audit Record Retention | Audit chain files persist on disk indefinitely. Retention policy is delegated to the operating environment. | Implemented (storage) |
| AU-12 | Audit Record Generation | All daemons emit structured log events. The audit chain is generated by core-profile's audit logger. | Implemented |
| Control | Title | Open Sesame Mechanism | Status |
|---|---|---|---|
| IA-2 | Identification and Authentication (Organizational Users) | AuthFactorId enum: Password, SshAgent, Fido2, Tpm, Fingerprint, Yubikey (core-types/src/auth.rs). Password and SshAgent backends implemented. | Partially Implemented |
| IA-2(1) | Multi-Factor Authentication to Privileged Accounts | AuthCombineMode: Any, All, Policy (core-types/src/auth.rs). Policy mode supports threshold-based MFA (N required factors + M additional). | Implemented |
| IA-2(6) | Access to Accounts – Separate Device | Hardware security keys (FIDO2, YubiKey) as separate physical devices. SSH agent forwarding uses the operator's local key. | Partially Implemented (SSH agent implemented; FIDO2/YubiKey defined but backends not yet implemented) |
| IA-5 | Authenticator Management | Argon2id KDF (19 MiB, 2 iterations) for password. BLAKE3 domain-separated key derivation. Per-profile salts. | Implemented |
| IA-5(2) | Public Key-Based Authentication | Noise IK X25519 static keys for IPC. SSH agent Ed25519/RSA keys for vault unlock. | Implemented |
| Control | Title | Open Sesame Mechanism | Status |
|---|---|---|---|
| SC-8 | Transmission Confidentiality and Integrity | Noise IK protocol: X25519 + ChaChaPoly + BLAKE2s with forward secrecy. All IPC authenticated and encrypted. | Implemented |
| SC-12 | Cryptographic Key Establishment and Management | BLAKE3 domain-separated key hierarchy. Master key derived from auth factors. Sub-keys derived via BLAKE3 derive_key with unique context strings per purpose. | Implemented |
| SC-13 | Cryptographic Protection | CryptoConfig (core-types/src/crypto.rs) with configurable algorithm selection. GovernanceCompatible profile uses NIST-approved algorithms (PBKDF2-SHA256, HKDF-SHA256, AES-GCM, SHA-256). | Implemented |
| SC-28 | Protection of Information at Rest | SQLCipher: AES-256-CBC + HMAC-SHA512 per page. Per-profile encryption keys. | Implemented |
| SC-28(1) | Cryptographic Protection (at Rest) | Vault files are encrypted at rest with keys derived from Argon2id KDF output through BLAKE3 domain-separated derivation. | Implemented |
| SC-39 | Process Isolation | Per-daemon systemd services with Landlock, seccomp-bpf, NoNewPrivileges, ProtectSystem=strict. Secrets daemon: PrivateNetwork=yes. | Implemented |
| Control | Title | Open Sesame Mechanism | Status |
|---|---|---|---|
| SI-7 | Software, Firmware, and Information Integrity | GPG-signed APT packages. SLSA build provenance. OciReference with provenance digest for extensions. WASM extensions identified by content hash (AgentType::Extension { manifest_hash }). | Implemented |
| SI-16 | Memory Protection | memfd_secret(2) removes pages from kernel direct map. Guard pages (PROT_NONE). Volatile zeroize on drop. LimitCORE=0, MADV_DONTDUMP. | Implemented |
| STIG Requirement | Open Sesame Mechanism | Status |
|---|---|---|
| Encrypted storage at rest | SQLCipher AES-256-CBC + HMAC-SHA512, per-profile encryption keys | Implemented |
| Memory protection for credentials | memfd_secret(2), guard pages, canary verification, volatile zeroize | Implemented |
| Audit trail integrity | BLAKE3 hash chain with tamper detection via sesame audit verify | Implemented |
| Least privilege process isolation | Landlock, seccomp-bpf, per-daemon clearance levels, systemd hardening | Implemented |
| No core dumps | LimitCORE=0 in all daemon services, MADV_DONTDUMP on secure allocations | Implemented |
| Authentication strength | Argon2id with memory-hard parameters (19 MiB). Multi-factor support. | Implemented |
| Access control for sensitive data | SecurityLevel hierarchy, CapabilitySet authorization | Implemented |
| Session management | Heartbeat-based delegation with TTL expiry, TrustVector.authz_freshness | Implemented (types); Design Intent (runtime enforcement) |
| Sub-Requirement | Open Sesame Mechanism |
|---|---|
| 3.5.1 Restrict access to cryptographic keys | Master key held in memfd_secret(2) memory, accessible only to the owning daemon process. Key derivation hierarchy: master key -> per-profile vault key -> SQLCipher page key. |
| 3.5.1.2 Store secret keys in fewest possible locations | One master key per installation, derived into per-profile keys. Master key exists only in protected memory; never on disk in plaintext. |
| 3.6.1 Key management procedures | sesame init generates keys. AuthCombineMode defines unlock policy. Key rotation via re-enrollment. |
| Sub-Requirement | Open Sesame Mechanism |
|---|---|
| 7.2.1 Access control system | CapabilitySet per agent. SecurityLevel per daemon. DelegationGrant for scoped access transfer. |
| 7.2.2 Assign access based on job classification | Trust profiles map to roles. Each profile has its own vault with its own secrets. |
| Sub-Requirement | Open Sesame Mechanism |
|---|---|
| 8.3.1 All user access authenticated | All IPC authenticated via Noise IK. Vault unlock requires enrolled factor(s). |
| 8.3.2 Strong authentication for all access | Argon2id (memory-hard). Multi-factor via AuthCombineMode. Hardware factors defined. |
| 8.6.1 System and application accounts managed | AgentIdentity with typed AgentType, capability scoping, delegation chains. |
| Sub-Requirement | Open Sesame Mechanism |
|---|---|
| 10.2.1 Audit logs capture events | BLAKE3 hash-chained audit log, structured JSON logging. |
| 10.2.1.2 All actions by administrative accounts | Capability::Admin operations logged with full agent identity and delegation chain. |
| 10.3.1 Audit log protected from tampering | Hash chain provides tamper evidence. sesame audit verify detects modification. |
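The hash-chained audit log cited for AU-10, the STIG "Audit trail integrity" row and PCI 10.3.1, as an added example (not Open Sesame's code). Assumptions: the page names BLAKE3, which is not in the Python standard library, so hashlib.blake2b with a personalization tag stands in for it; the entry field names, the genesis value and the sample entries are constructed, following the AU-3 record contents.

```python
import hashlib
import json
from typing import Optional

GENESIS = "00" * 32  # assumed anchor for the first entry's prev link


def entry_hash(prev_hash: str, entry: dict) -> str:
    # hash = H(prev_hash || canonical JSON of the entry); `person` gives domain separation.
    # Stand-in for BLAKE3 (assumption): blake2b-256 from the standard library.
    h = hashlib.blake2b(digest_size=32, person=b"os-audit-v1")
    h.update(bytes.fromhex(prev_hash))
    h.update(json.dumps(entry, sort_keys=True, separators=(",", ":")).encode())
    return h.hexdigest()


def append(chain: list, entry: dict) -> None:
    prev = chain[-1]["hash"] if chain else GENESIS
    chain.append({"entry": entry, "prev": prev, "hash": entry_hash(prev, entry)})


def verify(chain: list, expected_head: Optional[str] = None) -> tuple:
    """Walk the chain the way a verifier such as sesame audit verify must:
    every prev link and every stored hash is recomputed from the genesis value.
    A pinned head hash (kept outside the log) is what additionally catches truncation."""
    prev = GENESIS
    for i, rec in enumerate(chain):
        if rec["prev"] != prev:
            return False, f"entry {i}: prev link broken"
        if entry_hash(prev, rec["entry"]) != rec["hash"]:
            return False, f"entry {i}: content does not match stored hash"
        prev = rec["hash"]
    if expected_head is not None and prev != expected_head:
        return False, "head mismatch: chain truncated or replaced"
    return True, "ok"


def sample_chain() -> list:
    """Constructed sample entries (AU-3 fields: timestamp, agent, operation, profile, level)."""
    chain = []
    for ts, op in [("2024-01-01T00:00:00Z", "vault.unlock"),
                   ("2024-01-01T00:00:05Z", "secret.create"),
                   ("2024-01-01T00:01:00Z", "vault.lock")]:
        append(chain, {"ts": ts, "agent": "cli:alice", "op": op,
                       "profile": "work", "level": "SecretsOnly"})
    return chain
```

Editing a middle entry breaks its stored hash; dropping the last entry leaves a chain that still verifies unless the expected head hash is supplied, which is why the head should be pinned outside the log.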
| Criteria | Category | Open Sesame Mechanism |
|---|---|---|
| CC6.1 | Logical and Physical Access Controls | SecurityLevel hierarchy, CapabilitySet, Noise IK authentication, per-daemon sandbox |
| CC6.2 | Prior to Issuing System Credentials | sesame init with factor enrollment. AgentIdentity creation with attestation. |
| CC6.3 | Based on Authorization | CapabilitySet intersection for delegation. Policy-based approval gates (Design Intent). |
| CC6.6 | Restrict Access | Landlock, seccomp-bpf, PrivateNetwork=yes (secrets daemon), ProtectHome=read-only |
| CC6.7 | Restrict Transmission | Noise IK encryption for all IPC. No plaintext secret transmission. |
| CC6.8 | Prevent or Detect Unauthorized Software | WASM extensions identified by manifest_hash. OciReference with provenance. GPG-signed packages. |
| CC7.1 | Monitor Infrastructure | systemd watchdog (WatchdogSec=30), structured logging, sesame status |
| CC7.2 | Monitor for Anomalies | Rate-limited vault unlock attempts. Audit chain verification. |
| CC8.1 | Changes to Infrastructure | Configuration layered inheritance with PolicyOverride audit trail |
FedRAMP baselines inherit from NIST 800-53. The controls mapped in the NIST 800-53 section
above apply to FedRAMP at the corresponding baseline level (Low, Moderate, High).
FedRAMP requires FIPS 140-validated cryptographic modules. Open Sesame provides a
GovernanceCompatible crypto profile (core-types/src/crypto.rs) that selects
NIST-approved algorithms:
| Component | LeadingEdge (Default) | GovernanceCompatible |
|---|---|---|
| KDF | Argon2id | PBKDF2-SHA256 (600K iterations) |
| HKDF | BLAKE3 | HKDF-SHA256 |
| Noise cipher | ChaChaPoly | AES-256-GCM |
| Noise hash | BLAKE2s | SHA-256 |
| Audit hash | BLAKE3 | SHA-256 |
The GovernanceCompatible profile uses algorithms that have FIPS 140-validated
implementations in widely used cryptographic libraries. Open Sesame itself is not
FIPS-validated; deployments requiring FIPS validation must use a FIPS-validated
cryptographic provider at the library level. See
Cryptographic Inventory for the full algorithm inventory.