From 5b5809541c129563826fbe4ee1448352e1541cae Mon Sep 17 00:00:00 2001 From: Sonali Mendis Date: Tue, 5 Mar 2024 14:56:49 +0000 Subject: [PATCH 1/5] initial version of the object store taxonomy --- services/storage/object/taxonomy.md | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 services/storage/object/taxonomy.md diff --git a/services/storage/object/taxonomy.md b/services/storage/object/taxonomy.md new file mode 100644 index 00000000..53f8a3b0 --- /dev/null +++ b/services/storage/object/taxonomy.md 
@@ -0,0 +1,28 @@ +# Object Storage Taxonomy + +This _service-level taxonomy_ documents the minimual set of features +that should be present for a service to be considered portable for +use in financial services ecosystems. + +## Taxonomy + +| Taxonomy ID | Feature | Description | +| ----------- | ------- | ----------- | +| CCC-020101 | Buckets | Concept of having uniquely identifiable containers or buckets to store objects. | +| CCC-020102 | Scalability - Capacity Limit | Ability to store unlimited number of objects under a given maximum total capacity. | +| CCC-020103 | Scalability - Object Size Limit | Ability to store large objects under a given maximum object size. | +| CCC-020104 | Durability | High durability for stored objects through redundancy and replication. | +| CCC-020105 | Availability | High availability for stored objects through replication over multiple availability zones within a region. | +| CCC-020106 | Performance - Transaction Rate Limits | High throughput and low latency for read/write operations under a given maximum transaction rate limits. | +| CCC-020107 | Performance - Querying | Ability to perform simple select queries to retrieve only a subset of objects from the object store. | +| CCC-020108 | Storage Classes | Having different storage classes for frequently and infrequently accessed objects. | +| CCC-020109 | Lifecycle Policies | Ability to define policies to automate data management tasks. | +| CCC-020110 | Versioning | Ability to keep multiple versions of an object in the same object store (bucket). | +| CCC-020111 | Metadata | Support storing, accessing, and managing of object metadata for stored objects. | +| CCC-020112 | Compliance and Governance | Ability to create locks on objects disabling modification or/and deletion of an object for a given period of time. | +| CCC-020113 | Event Notifications | Publish object level events for creation, deletion and modification of objects allowing users to trigger actions in response. 
| +| CCC-020114 | Encryption at Rest | Objects are encrypted when storing using encryption keys. | +| CCC-020115 | Encryption in Transit | Objects are encrypted in transit, using SSL/TSL. | +| CCC-020116 | Role Based Access Control | Ability to limit the users/roles who can access the object store. | +| CCC-020117 | Object Based Access Control | Ability to control access to specific objects on the store. | +| CCC-020118 | Logging | Ability log access allowing the users to track requests made to the object store. | From 2b14a0d47cb24683c52cabf511dd930abca6145f Mon Sep 17 00:00:00 2001 From: Sonali Mendis Date: Tue, 5 Mar 2024 15:01:00 +0000 Subject: [PATCH 2/5] updates --- services/storage/object/taxonomy.md | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/services/storage/object/taxonomy.md b/services/storage/object/taxonomy.md index 53f8a3b0..24887da1 100644 --- a/services/storage/object/taxonomy.md +++ b/services/storage/object/taxonomy.md 
@@ -9,16 +9,16 @@ use in financial services ecosystems. | Taxonomy ID | Feature | Description | | ----------- | ------- | ----------- | | CCC-020101 | Buckets | Concept of having uniquely identifiable containers or buckets to store objects. | -| CCC-020102 | Scalability - Capacity Limit | Ability to store unlimited number of objects under a given maximum total capacity. | -| CCC-020103 | Scalability - Object Size Limit | Ability to store large objects under a given maximum object size. | -| CCC-020104 | Durability | High durability for stored objects through redundancy and replication. | -| CCC-020105 | Availability | High availability for stored objects through replication over multiple availability zones within a region. | -| CCC-020106 | Performance - Transaction Rate Limits | High throughput and low latency for read/write operations under a given maximum transaction rate limits. | -| CCC-020107 | Performance - Querying | Ability to perform simple select queries to retrieve only a subset of objects from the object store. | -| CCC-020108 | Storage Classes | Having different storage classes for frequently and infrequently accessed objects. | -| CCC-020109 | Lifecycle Policies | Ability to define policies to automate data management tasks. | -| CCC-020110 | Versioning | Ability to keep multiple versions of an object in the same object store (bucket). | -| CCC-020111 | Metadata | Support storing, accessing, and managing of object metadata for stored objects. | +| CCC-020102 | Metadata | Support storing, accessing, and managing of object metadata for stored objects. | +| CCC-020103 | Scalability - Capacity Limit | Ability to store unlimited number of objects under a given maximum total capacity. | +| CCC-020104 | Scalability - Object Size Limit | Ability to store large objects under a given maximum object size. | +| CCC-020105 | Durability | High durability for stored objects through redundancy and replication. 
| +| CCC-020106 | Availability | High availability for stored objects through replication over multiple availability zones within a region. | +| CCC-020107 | Performance - Transaction Rate Limits | High throughput and low latency for read/write operations under a given maximum transaction rate limits. | +| CCC-020108 | Performance - Querying | Ability to perform simple select queries to retrieve only a subset of objects from the object store. | +| CCC-020109 | Storage Classes | Having different storage classes for frequently and infrequently accessed objects. | +| CCC-020110 | Lifecycle Policies | Ability to define policies to automate data management tasks. | +| CCC-020111 | Versioning | Ability to keep multiple versions of an object in the same object store (bucket). | | CCC-020112 | Compliance and Governance | Ability to create locks on objects disabling modification or/and deletion of an object for a given period of time. | | CCC-020113 | Event Notifications | Publish object level events for creation, deletion and modification of objects allowing users to trigger actions in response. | | CCC-020114 | Encryption at Rest | Objects are encrypted when storing using encryption keys. | From 0bffd6585f214d33704968ed0398067c2006fa70 Mon Sep 17 00:00:00 2001 From: Sonali Mendis Date: Tue, 5 Mar 2024 15:32:41 +0000 Subject: [PATCH 3/5] address review comments by stevie from scott logic and further improvements --- services/storage/object/taxonomy.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/services/storage/object/taxonomy.md b/services/storage/object/taxonomy.md index 24887da1..410d7842 100644 --- a/services/storage/object/taxonomy.md +++ b/services/storage/object/taxonomy.md 
@@ -10,19 +10,19 @@ use in financial services ecosystems. | ----------- | ------- | ----------- | | CCC-020101 | Buckets | Concept of having uniquely identifiable containers or buckets to store objects. | | CCC-020102 | Metadata | Support storing, accessing, and managing of object metadata for stored objects. | -| CCC-020103 | Scalability - Capacity Limit | Ability to store unlimited number of objects under a given maximum total capacity. | +| CCC-020103 | Scalability - Capacity Limit | Ability to store unlimited number of objects under a given maximum total capacity per bucket. | | CCC-020104 | Scalability - Object Size Limit | Ability to store large objects under a given maximum object size. | | CCC-020105 | Durability | High durability for stored objects through redundancy and replication. | | CCC-020106 | Availability | High availability for stored objects through replication over multiple availability zones within a region. | -| CCC-020107 | Performance - Transaction Rate Limits | High throughput and low latency for read/write operations under a given maximum transaction rate limits. | -| CCC-020108 | Performance - Querying | Ability to perform simple select queries to retrieve only a subset of objects from the object store. | +| CCC-020107 | Performance - Transaction Rate Limits | High throughput and low latency for read/write operations under given maximum transaction rate limits. | +| CCC-020108 | Performance - Querying | Ability to perform simple select queries to retrieve only a subset of objects from the bucket. | | CCC-020109 | Storage Classes | Having different storage classes for frequently and infrequently accessed objects. | | CCC-020110 | Lifecycle Policies | Ability to define policies to automate data management tasks. | -| CCC-020111 | Versioning | Ability to keep multiple versions of an object in the same object store (bucket). | +| CCC-020111 | Versioning | Ability to keep multiple versions of an object in the same bucket. 
| | CCC-020112 | Compliance and Governance | Ability to create locks on objects disabling modification or/and deletion of an object for a given period of time. | | CCC-020113 | Event Notifications | Publish object level events for creation, deletion and modification of objects allowing users to trigger actions in response. | | CCC-020114 | Encryption at Rest | Objects are encrypted when storing using encryption keys. | | CCC-020115 | Encryption in Transit | Objects are encrypted in transit, using SSL/TSL. | -| CCC-020116 | Role Based Access Control | Ability to limit the users/roles who can access the object store. | -| CCC-020117 | Object Based Access Control | Ability to control access to specific objects on the store. | -| CCC-020118 | Logging | Ability log access allowing the users to track requests made to the object store. | +| CCC-020116 | Identity Based Access Control | Ability to limit the users/roles who can access the bucket. | +| CCC-020117 | Object Level Access Control | Ability to control access to specific objects on the bucket. | +| CCC-020118 | Logging | Ability log access allowing the users/roles to track requests made to the bucket. | From f98ba3ea3a2116e2224a7c7bfac99a490cc2de41 Mon Sep 17 00:00:00 2001 From: Sonali Mendis Date: Wed, 6 Mar 2024 16:43:00 +0000 Subject: [PATCH 4/5] addressed review comments by @rgriffiths-scottlogic --- services/storage/object/taxonomy.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/services/storage/object/taxonomy.md b/services/storage/object/taxonomy.md index 410d7842..564e7cd6 100644 --- a/services/storage/object/taxonomy.md +++ b/services/storage/object/taxonomy.md 
@@ -8,21 +8,21 @@ use in financial services ecosystems. | Taxonomy ID | Feature | Description | | ----------- | ------- | ----------- | -| CCC-020101 | Buckets | Concept of having uniquely identifiable containers or buckets to store objects. | +| CCC-020101 | Buckets | Concept of having uniquely identifiable containers in which objects exist. | | CCC-020102 | Metadata | Support storing, accessing, and managing of object metadata for stored objects. | | CCC-020103 | Scalability - Capacity Limit | Ability to store unlimited number of objects under a given maximum total capacity per bucket. | | CCC-020104 | Scalability - Object Size Limit | Ability to store large objects under a given maximum object size. | | CCC-020105 | Durability | High durability for stored objects through redundancy and replication. | -| CCC-020106 | Availability | High availability for stored objects through replication over multiple availability zones within a region. | +| CCC-020106 | Availability | High availability for stored objects through replication over multiple (availability) zones within a region. | | CCC-020107 | Performance - Transaction Rate Limits | High throughput and low latency for read/write operations under given maximum transaction rate limits. | | CCC-020108 | Performance - Querying | Ability to perform simple select queries to retrieve only a subset of objects from the bucket. | | CCC-020109 | Storage Classes | Having different storage classes for frequently and infrequently accessed objects. | | CCC-020110 | Lifecycle Policies | Ability to define policies to automate data management tasks. | | CCC-020111 | Versioning | Ability to keep multiple versions of an object in the same bucket. | -| CCC-020112 | Compliance and Governance | Ability to create locks on objects disabling modification or/and deletion of an object for a given period of time. 
| +| CCC-020112 | Compliance and Governance | Ability to create locks on objects disabling modification and/or deletion of an object for a given period of time. | | CCC-020113 | Event Notifications | Publish object level events for creation, deletion and modification of objects allowing users to trigger actions in response. | -| CCC-020114 | Encryption at Rest | Objects are encrypted when storing using encryption keys. | -| CCC-020115 | Encryption in Transit | Objects are encrypted in transit, using SSL/TSL. | -| CCC-020116 | Identity Based Access Control | Ability to limit the users/roles who can access the bucket. | -| CCC-020117 | Object Level Access Control | Ability to control access to specific objects on the bucket. | -| CCC-020118 | Logging | Ability log access allowing the users/roles to track requests made to the bucket. | +| CCC-020114 | Encryption at Rest | Data should be encrypted before storing by default. Should also make the option available for clients to maintain control over the encryptin keys. | +| CCC-020115 | Encryption in Transit | Ability to encrypt data in transit using SSL/TSL. | +| CCC-020116 | Identity Based Access Control | Ability to limit the users/roles who can access the object store. | +| CCC-020117 | Object Level Access Control | Ability to control access to specific objects on the object store. | +| CCC-020118 | Logging | Ability to log access, allowing the clients to track requests made to the object store. | From f59f9e0dda4df4bd1e484488c97a12e9915cebf0 Mon Sep 17 00:00:00 2001 From: Sonali Mendis Date: Wed, 6 Mar 2024 17:09:37 +0000 Subject: [PATCH 5/5] Signed URLs added --- services/storage/object/taxonomy.md | 1 + 1 file changed, 1 insertion(+) diff --git a/services/storage/object/taxonomy.md b/services/storage/object/taxonomy.md index 564e7cd6..06517d24 100644 --- a/services/storage/object/taxonomy.md +++ b/services/storage/object/taxonomy.md 
@@ -26,3 +26,4 @@ use in financial services ecosystems. | CCC-020116 | Identity Based Access Control | Ability to limit the users/roles who can access the object store. | | CCC-020117 | Object Level Access Control | Ability to control access to specific objects on the object store. | | CCC-020118 | Logging | Ability to log access, allowing the clients to track requests made to the object store. | +| CCC-020119 | Signed URLs | Ability to give temporary access to objects and buckets through a signed URL or signed access token. |
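Review bot: In PATCH 1/5, the intro has a typo ("minimual" should be "minimal") that no later patch in the series touches, and several rows carry wording errors: CCC-020115 says "SSL/TSL" where the protocol is TLS (suggest just "TLS", as SSL is deprecated), CCC-020118 reads "Ability log access" (missing "to"), and CCC-020112 uses "or/and" (should be "and/or"). Only the last two are fixed later in the series. The CCC-020114 description "Objects are encrypted when storing using encryption keys" also says nothing about whether encryption is on by default or who controls the keys; for a minimum bar in financial services, both should be stated in the row.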
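Review bot: In PATCH 2/5, moving Metadata to CCC-020102 shifts the IDs of nine existing rows (CCC-020102 through CCC-020111). Renumbering is harmless while the file is unmerged, but these IDs are the stable handles other documents will cite, so once published a new feature should take the next free ID (as PATCH 5/5 does with CCC-020119) rather than renumber neighbours. The commit subject "updates" also does not say what changed; something like "move Metadata to CCC-020102 and renumber" would help reviewers and future readers of the history.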
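Review bot: In PATCH 3/5, the scope wording is inconsistent within the hunk: CCC-020108, CCC-020111 and CCC-020116 through CCC-020118 are changed to "the bucket", while the headline rows still describe "the object store", and PATCH 4/5 then reverts CCC-020116 through CCC-020118 back to "the object store". Decide per row whether the feature is bucket-scoped or store-scoped and state the rule once, so the text stops flip-flopping. The rewritten CCC-020118 line still reads "Ability log access" (missing "to"), and the unchanged CCC-020115 context line still says "SSL/TSL"; both could be fixed while this block is being edited. The Role Based to Identity Based rename for CCC-020116 reads well and distinguishes principal-based control from the object-level (resource-based) control in CCC-020117.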
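Review bot: In PATCH 4/5, CCC-020115 is weakened from "Objects are encrypted in transit" (a property of the service) to "Ability to encrypt data in transit" (an option), while CCC-020114 in the same hunk is strengthened to "encrypted before storing by default". For consistency, suggest phrasing in-transit encryption as the default as well, e.g. "Data is encrypted in transit by default using TLS", since an optional protection is one a client can forget to enable. The CCC-020114 text has a typo ("encryptin keys"), and "SSL/TSL" in CCC-020115 should read "TLS". The CCC-020118 fix ("Ability to log access, allowing the clients to track requests") resolves the missing "to" from earlier patches.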
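Review bot: For CCC-020119 in PATCH 5/5, the description "temporary access to objects and buckets through a signed URL or signed access token" should make the two properties that make this safe explicit: the grant is time-bounded (an expiry is part of what is signed) and scoped to named objects and operations, since a signed URL without an expiry is effectively a shared credential. It would also help to say how the row relates to CCC-020116 (which identities may issue signed URLs) and CCC-020118 (requests made with a signed URL are logged like any other), so that reviewers can check a service against the taxonomy without guessing.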