Compliance & Trust Package Ready

Enterprise Governance for the AI Era. ABS Core is engineered to be “Audit Ready” out of the box. This package provides the legal framework, security documentation, and compliance mapping you need to deploy AI Agents in regulated environments.

2. Service Maturity & Isolation Policy

ABS Core prioritizes Security Sovereignty. For components validated for Production, we enforce strictly isolated deployment patterns to ensure zero-trust handling of data.

| Phase | Feature | Deployment Strategy | Isolation Tier |
| --- | --- | --- | --- |
| GA | Policy Engine | Multi-Tenant Ready | WASM Sandbox |
| Enterprise Stable | Audit Ledger | Enterprise Isolated Isolation | Air-Gapped / Dedicated |
| Enterprise Stable | PII Redactor | Enterprise Isolated Isolation | Zero-Access Local |

2.2 Maturity Roadmap (Path to GA)

  • Q2 2026: General Availability of the Multi-Tenant Audit Ledger with cross-node sync.
  • Q3 2026: Full PII Redaction Engine certification for high-throughput edge environments.
  • SLA: Standard 99.9% uptime guarantees apply only to GA components in OConnector-managed instances.

3. Regulatory Mapping

ABS Core strictly enforces the controls required by major frameworks.

EU AI Act (High-Risk Systems)

  • Art. 12 (Record-Keeping): Automated by the Immutable Ledger.
  • Art. 14 (Human Oversight): Enforced by the Policy Engine (HITL triggers).
  • Art. 15 (Cybersecurity): Guaranteed by WASM Sandbox and Secret Vault.

SOC 2 & ISO 27001

Your deployment of ABS Core satisfies the following controls:
  • CC6.1 (Logical Access): RBAC via API Keys.
  • CC8.1 (Change Management): Policies-as-Code (GitOps).
  • A1.2 (Audit Trails): Cryptographically signed decision logs.

LGPD / GDPR

Since you host the software, you are the Controller AND the Processor. We are merely the software vendor. This architecture simplifies your compliance burden by keeping all data within your own legal boundary.

4. Forensic Integrity Model (Immutable Ledger)

ABS Core utilizes a Cryptographic Hash Chain to ensure that audit records cannot be altered or deleted without detection.

Technical Specification

  • Algorithm: HMAC-SHA256 with rotation-ready key management.
  • Chain Mechanism: Each decision log contains the previous_hash of the preceding record, forming a tamper-evident linked list (Blockchain-style).
  • Canonical Signing: The DecisionEnvelope is serialized into a canonical format before signing, ensuring that identity, verdict, risk score, and authority are cryptographically bound.
  • Third-Party Verification: We provide a standalone verify-ledger.ts utility that allows external auditors to validate the entire history of AI decisions against the hash chain.
Legal Status: This mechanism provides “Forensic-Grade” proof for regulatory compliance (GDPR, LGPD) and dispute resolution.
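
The chain mechanism in the specification above, as an added sketch; it is not ABS Core's verify-ledger.ts or any vendor code. The field names, the array-based canonical form and the all-zero genesis value are assumptions, and the verifier is assumed to hold the HMAC key.

```typescript
import { createHmac, timingSafeEqual } from "node:crypto";

// Field names are assumptions: the page names only identity, verdict,
// risk score, authority and previous_hash, not the exact schema.
interface DecisionBody {
  identity: string; verdict: string; risk_score: number; authority: string;
  previous_hash: string;
}
interface DecisionRecord extends DecisionBody {
  hash: string; // hex HMAC-SHA256 over the canonical form of the body
}

const GENESIS = "0".repeat(64); // assumed previous_hash of the first record

// Canonical form: fixed field order, so equal content always gives equal bytes.
function canonicalize(b: DecisionBody): string {
  return JSON.stringify([b.identity, b.verdict, b.risk_score, b.authority, b.previous_hash]);
}

function mac(key: Buffer, b: DecisionBody): string {
  return createHmac("sha256", key).update(canonicalize(b)).digest("hex");
}

// Appends a record linked to the current tail and returns the new ledger.
function append(key: Buffer, ledger: DecisionRecord[], d: Omit<DecisionBody, "previous_hash">): DecisionRecord[] {
  const tail = ledger[ledger.length - 1];
  const body: DecisionBody = { ...d, previous_hash: tail ? tail.hash : GENESIS };
  return [...ledger, { ...body, hash: mac(key, body) }];
}

// Returns the index of the first record that fails, or -1 if the chain verifies.
function verifyLedger(key: Buffer, ledger: DecisionRecord[]): number {
  let prev = GENESIS;
  return ledger.findIndex((rec) => {
    const expected = Buffer.from(mac(key, rec), "hex");
    const actual = Buffer.from(rec.hash, "hex");
    const macOk = actual.length === expected.length && timingSafeEqual(actual, expected);
    const linkOk = rec.previous_hash === prev; // a removed or reordered record breaks this link
    prev = rec.hash;
    return !(macOk && linkOk);
  });
}

// Constructed sample data (demo key and decisions, not real ABS Core records).
const DEMO_KEY = Buffer.from("demo-key-not-for-production");
const SAMPLE: DecisionRecord[] = [
  { identity: "agent-7", verdict: "ALLOW", risk_score: 12, authority: "policy/default" },
  { identity: "agent-7", verdict: "DENY", risk_score: 91, authority: "policy/payments" },
  { identity: "agent-9", verdict: "ESCALATE", risk_score: 55, authority: "hitl/reviewer" },
].reduce((l, d) => append(DEMO_KEY, l, d), [] as DecisionRecord[]);
```

The chain by itself does not reveal records removed from the end of the ledger, so an auditor should also compare the final hash with a copy kept outside the ledger.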