Spaces:
Sleeping
Sleeping
File size: 4,890 Bytes
bb0c63f | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 | # Security Overview
> **Primary Responsibility:** Detailed security architecture, threat model, and compliance
Multi-layer security architecture for the Enterprise AI Gateway.
## Security Layers
```
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Layer 1: Authentication & Rate Limiting β
β β’ API Key validation (X-API-Key header) β
β β’ Rate limiting (10 req/min, configurable) β
β β’ Token limit enforcement (4096 max input) β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β
βΌ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Layer 2: Input Guard β
β β’ Prompt injection detection (pattern-based) β
β β’ PII detection (SSN, credit cards, emails, API keys) β
β β’ SQL/Command injection patterns β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β
βΌ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Layer 3: AI Safety (Gemini + Lakera Guard) β
β Primary: Gemini 2.5 Flash content classification β
β Fallback: Lakera Guard API β
β Categories: Sexual, Hate, Harassment, Dangerous, β
β Civic Integrity, Prompt Injection β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β
βΌ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Layer 4: LLM Router β
β β’ Provider authentication β
β β’ Secure API communication (HTTPS) β
β β’ Response validation β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
```
## Authentication
### API Key Validation
- Header: `X-API-Key: YOUR_API_KEY`
- Environment variable: `SERVICE_API_KEY`
- Constant-time comparison to prevent timing attacks
## Rate Limiting
### Client-Side (Dashboard)
- 5 requests per 60 seconds
- Persisted in sessionStorage
- Reset button for demo purposes
### Server-Side
- SlowAPI rate limiting
- Configurable via `RATE_LIMIT` environment variable
- Returns 429 on limit exceeded
## Input Validation
### PII Detection
Automatically detects and blocks:
- Email addresses
- Credit card numbers (4x4 digit patterns)
- Social Security Numbers (XXX-XX-XXXX)
- Tax IDs (XX-XXXXXXX)
- API keys (sk_, pk_, api_, bearer_ prefixes)
### Prompt Injection Detection
Pattern-based detection for:
- "ignore all previous instructions"
- "disregard all previous instructions"
- "you are now"
- "system:" prefixes
## AI Safety Layer
### Primary: Gemini Classification
Uses Gemini 2.5 Flash to classify content into categories:
| Category | Description |
|----------|-------------|
| SEXUALLY_EXPLICIT | Nude, porn, explicit sexual content |
| HATE_SPEECH | Racism, discrimination, slurs |
| HARASSMENT | Threats, bullying, intimidation |
| DANGEROUS_CONTENT | Weapons, drugs, violence, self-harm |
| CIVIC_INTEGRITY | Election fraud, voter suppression |
### Fallback: Lakera Guard
When Gemini fails or times out:
- Endpoint: `https://api.lakera.ai/v2/guard`
- Detects prompt injections, jailbreaks, PII, toxicity
- Environment variable: `LAKERA_API_KEY`
## Environment Variables
See [Configuration Guide](configuration.md) for complete environment variable reference.
## Data Protection
- **No persistent storage** of user prompts or responses
- **HTTPS/TLS** for all API communications
- **Environment variables** for secrets (never in code)
- **No logging** of sensitive content by default
## Compliance
- GDPR compliant (data minimization)
- OWASP API Security Top 10 aligned
- PII auto-detection prevents data leaks
|