
Security Architecture

The haagsman.ai Product Suite is built with security as a foundational requirement, not an afterthought. Every product inherits security controls from the shared core library.

Compliance Framework Coverage

Framework | Status | What it covers
GDPR (EU General Data Protection Regulation) | Compliant | Data export, deletion, consent tracking, retention limits, DPA
CCPA/CPRA (California Consumer Privacy Act) | Compliant | Right to know, right to delete, opt-out
HIPAA (Health Insurance Portability and Accountability Act) | Ready (with air-gapped deployment) | PHI encryption, access controls, audit trails, BAA support
SOC 2 Type II | Controls implemented (audit-ready) | Security, availability, processing integrity, confidentiality, privacy
ISO 27001 | Controls implemented | Information security management system
ISO 42001 | Controls implemented | AI management system (risk, bias, governance)
NIST 800-190 | Compliant | Container security guidelines
NIST AI RMF | Aligned | AI risk management framework
EU AI Act | Compliant (limited risk) | Transparency requirements for AI chatbots
PCI DSS | Awareness (no card storage) | Invoice processor does not store payment card data

Defense in Depth

Layer 1: Network

  • All products bind to 127.0.0.1 (loopback) by default, so they accept connections only from the host they run on and are never directly exposed to the internet; external traffic reaches them only through the reverse proxy
  • TLS 1.3 termination at reverse proxy (nginx, Traefik, or cloud load balancer)
  • Optional mTLS for service-to-service communication
  • Docker network isolation between products

Layer 2: Authentication & Authorization

  • JWT tokens with 15-minute expiry (configurable)
  • API keys with hai_ prefix for programmatic access
  • RBAC: Admin, Operator, Viewer roles with least-privilege permissions
  • Failed auth attempts logged to audit trail
  • No default credentials — secrets generated during installation

Layer 3: Data Protection

  • Encryption at rest: AES-256-GCM with per-deployment keys
  • Encryption in transit: TLS 1.3 terminated at the reverse proxy; the HSTS header makes browsers refuse plain-HTTP connections to the host (HSTS pins the use of HTTPS, not the TLS version, which is set in the proxy configuration)
  • PII detection: Automatic scanning of content before LLM transmission
  • Prompt injection protection: Input sanitization on all user-facing endpoints
  • Data residency: Ollama deployment keeps all data on-premises

Layer 4: Application Security

  • OWASP security headers on every response (X-Content-Type-Options, X-Frame-Options, HSTS, CSP)
  • Rate limiting per user/key (configurable, default 60/min)
  • Input validation via Pydantic schemas (max lengths, type checking)
  • No shell access in production containers
  • Read-only filesystem where possible
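
The rate limiting, input-size validation and security headers from this layer, as an added example (not haagsman.ai's own code): a per-key sliding-window limiter at the page's default of 60 requests per minute, wrapped in a small request handler that attaches the listed headers on every path, including rejections. The header values, the 429/413 responses, the body-size cap and the injected clock are assumptions for illustration.

```python
# Added example, not haagsman.ai code: per-key sliding-window rate limiter at the
# page's default of 60 requests per minute, plus a handler that enforces a maximum
# body length and attaches the listed security headers to every response.
# Header values, the 429/413 handling, MAX_BODY_BYTES and the injected clock are assumptions.
from collections import defaultdict, deque
import math


class SlidingWindowLimiter:
    def __init__(self, limit: int = 60, window_seconds: float = 60.0):
        self.limit = limit
        self.window = window_seconds
        self._hits: dict[str, deque] = defaultdict(deque)  # key -> timestamps in window

    def check(self, key: str, now: float) -> tuple[bool, int, int]:
        """Return (allowed, remaining, retry_after_seconds) for one request by `key`.
        `key` is the user id or API key; `now` is injected so the logic is testable."""
        q = self._hits[key]
        cutoff = now - self.window
        while q and q[0] <= cutoff:          # drop hits that have left the window
            q.popleft()
        if len(q) >= self.limit:
            retry_after = math.ceil(q[0] + self.window - now)
            return False, 0, max(retry_after, 1)
        q.append(now)
        return True, self.limit - len(q), 0


# Baseline values for the headers the page lists; the product's exact CSP is not shown.
SECURITY_HEADERS = {
    "X-Content-Type-Options": "nosniff",
    "X-Frame-Options": "DENY",
    "Strict-Transport-Security": "max-age=31536000; includeSubDomains",
    "Content-Security-Policy": "default-src 'self'; frame-ancestors 'none'",
}
MAX_BODY_BYTES = 64 * 1024  # assumed per-endpoint cap, analogous to a Pydantic max_length


def handle_request(limiter: SlidingWindowLimiter, key: str, body: bytes, now: float) -> tuple[int, dict]:
    """Return (status, headers). Every path, including rejections, carries the security headers."""
    headers = dict(SECURITY_HEADERS)
    allowed, remaining, retry_after = limiter.check(key, now)
    headers["X-RateLimit-Limit"] = str(limiter.limit)
    headers["X-RateLimit-Remaining"] = str(remaining)
    if not allowed:
        headers["Retry-After"] = str(retry_after)
        return 429, headers
    if len(body) > MAX_BODY_BYTES:  # reject oversized input before any parsing happens
        return 413, headers
    return 200, headers
```

The size check runs after the rate-limit check on purpose: an oversized request still consumes one slot, so a client cannot probe the limit for free by sending bodies it knows will be rejected.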

Layer 5: Audit & Monitoring

  • Every API call logged: who, what, when, result, IP address
  • Immutable, append-only audit log (supports the GDPR Article 30 record of processing activities)
  • Prometheus metrics for anomaly detection
  • Health endpoints for uptime monitoring

Layer 6: Container Security (NIST 800-190)

  • Non-root user inside all containers
  • Minimal base images (python:3.12-slim)
  • No unnecessary packages or tools
  • Resource limits (CPU, memory) per container
  • Docker health checks with auto-restart
  • Dependency pinning in requirements files

AI-Specific Security (ISO 42001 / NIST AI RMF)

Prompt Injection Protection

User input is sanitized and kept structurally separate from instructions before it is included in an LLM prompt:

  • System prompts are hardcoded and separated from user input
  • User content is clearly delimited in prompt construction
  • Response parsing validates expected JSON structure
  • Malformed LLM responses return errors, not unvalidated content

PII Redaction

Before sending content to cloud LLM providers, the PII detector scans for:

  • Email addresses, phone numbers
  • Social Security Numbers, credit card numbers
  • Physical addresses, dates of birth
  • Custom patterns configurable per deployment

When PII is detected:

  • Cloud providers: PII is replaced with placeholders before transmission and the original values are restored in the response
  • Ollama (local): no redaction needed, because the data never leaves your infrastructure

Model Governance

  • LLM provider and model are configurable per deployment
  • Fallback providers avoid a single point of failure (note that a fallback from Ollama to a cloud provider sends data off-premises, so the cloud-provider PII redaction applies on that path)
  • All LLM calls are metered (token counts, latency, error rates)
  • No model fine-tuning on client data without explicit consent

Incident Response

In the event of a security incident:

  1. Detection: Audit logs + Prometheus alerts
  2. Containment: Affected container can be stopped without impacting other products
  3. Notification: GDPR requires notifying the supervisory authority within 72 hours of becoming aware of a personal data breach (Article 33)
  4. Recovery: Docker restart policies + health checks auto-recover
  5. Post-mortem: Audit logs provide full timeline

Contact

For security concerns or to report a vulnerability:

Email: niels@haagsman.ai
Response time: Within 24 hours on business days