Spaces:

vn6295337
/

Enterprise-AI-Gateway

Sleeping

App Files Files Community

Enterprise-AI-Gateway / docs /security_overview.md

vn6295337

Initial commit: Enterprise-AI-Gateway - Secure LLM gateway

bb0c63f 4 months ago

preview code

raw

history blame contribute delete

4.89 kB

Security Overview

Primary Responsibility: Detailed security architecture, threat model, and compliance

Multi-layer security architecture for the Enterprise AI Gateway.

Security Layers

┌─────────────────────────────────────────────────────────┐
│  Layer 1: Authentication & Rate Limiting                │
│  • API Key validation (X-API-Key header)                │
│  • Rate limiting (10 req/min, configurable)             │
│  • Token limit enforcement (4096 max input)             │
└─────────────────────────────────────────────────────────┘
                          │
                          ▼
┌─────────────────────────────────────────────────────────┐
│  Layer 2: Input Guard                                   │
│  • Prompt injection detection (pattern-based)           │
│  • PII detection (SSN, credit cards, emails, API keys)  │
│  • SQL/Command injection patterns                       │
└─────────────────────────────────────────────────────────┘
                          │
                          ▼
┌─────────────────────────────────────────────────────────┐
│  Layer 3: AI Safety (Gemini + Lakera Guard)             │
│  Primary: Gemini 2.5 Flash content classification       │
│  Fallback: Lakera Guard API                             │
│  Categories: Sexual, Hate, Harassment, Dangerous,       │
│              Civic Integrity, Prompt Injection          │
└─────────────────────────────────────────────────────────┘
                          │
                          ▼
┌─────────────────────────────────────────────────────────┐
│  Layer 4: LLM Router                                    │
│  • Provider authentication                              │
│  • Secure API communication (HTTPS)                     │
│  • Response validation                                  │
└─────────────────────────────────────────────────────────┘

Authentication

API Key Validation

Header: X-API-Key: YOUR_API_KEY
Environment variable: SERVICE_API_KEY
Constant-time comparison to prevent timing attacks

Rate Limiting

Client-Side (Dashboard)

5 requests per 60 seconds
Persisted in sessionStorage
Reset button for demo purposes

Server-Side

SlowAPI rate limiting
Configurable via RATE_LIMIT environment variable
Returns 429 on limit exceeded

Input Validation

PII Detection

Automatically detects and blocks:

Email addresses
Credit card numbers (4x4 digit patterns)
Social Security Numbers (XXX-XX-XXXX)
Tax IDs (XX-XXXXXXX)
API keys (sk_, pk_, api_, bearer_ prefixes)

Prompt Injection Detection

Pattern-based detection for:

"ignore all previous instructions"
"disregard all previous instructions"
"you are now"
"system:" prefixes

AI Safety Layer

Primary: Gemini Classification

Uses Gemini 2.5 Flash to classify content into categories:

Category	Description
SEXUALLY_EXPLICIT	Nude, porn, explicit sexual content
HATE_SPEECH	Racism, discrimination, slurs
HARASSMENT	Threats, bullying, intimidation
DANGEROUS_CONTENT	Weapons, drugs, violence, self-harm
CIVIC_INTEGRITY	Election fraud, voter suppression

Fallback: Lakera Guard

When Gemini fails or times out:

Endpoint: https://api.lakera.ai/v2/guard
Detects prompt injections, jailbreaks, PII, toxicity
Environment variable: LAKERA_API_KEY

Environment Variables

See Configuration Guide for complete environment variable reference.

Data Protection

No persistent storage of user prompts or responses
HTTPS/TLS for all API communications
Environment variables for secrets (never in code)
No logging of sensitive content by default

Compliance

GDPR compliant (data minimization)
OWASP API Security Top 10 aligned
PII auto-detection prevents data leaks