Spaces:
Running
Running
Update layers.html
Browse files- layers.html +7 -7
layers.html
CHANGED
|
@@ -376,7 +376,7 @@ orchestration: {
|
|
| 376 |
|
| 377 |
<span class="t">@tool</span>
|
| 378 |
<span class="k">def</span> <span class="f">search_catalog</span>(query: str) -> str:
|
| 379 |
-
<span class="s">"""Search
|
| 380 |
<span class="k">return</span> catalog.search(query, limit=<span class="f">10</span>)
|
| 381 |
|
| 382 |
<span class="t">@tool</span>
|
|
@@ -486,7 +486,7 @@ data: {
|
|
| 486 |
"Graph β Neo4j, ArangoDB (knowledge graphs, entity relationships)",
|
| 487 |
"Document β MongoDB, Elasticsearch (full-text + BM25)",
|
| 488 |
"Cache β Redis, DragonflyDB, Memcached (hot tier)",
|
| 489 |
-
"Object/File β MinIO (S3-compat, S3 Object Lock for WORM/
|
| 490 |
"Ingestion pipeline β web scraping, XML/RSS feeds, PDF parsing, OCR",
|
| 491 |
"Chunking strategies β fixed-size, semantic, parent-child, recursive",
|
| 492 |
"Data versioning β DVC, lakeFS (reproducible experiments)",
|
|
@@ -580,7 +580,7 @@ infrastructure: {
|
|
| 580 |
image: <span class="s">minio/minio:latest</span>
|
| 581 |
command: <span class="s">server /data --console-address ":9001"</span>
|
| 582 |
environment:
|
| 583 |
-
- <span class="s">MINIO_OBJECT_LOCKING=on</span> <span class="c"># WORM for
|
| 584 |
patterns:`<svg viewBox="0 0 340 90" xmlns="http://www.w3.org/2000/svg">
|
| 585 |
<text x="8" y="14" fill="#38bdf8" font-size="8" font-family="IBM Plex Mono" font-weight="600">Deployment Pipeline</text>
|
| 586 |
<rect x="8" y="28" width="55" height="22" rx="4" fill="none" stroke="#6a7a9b" stroke-width="1"/>
|
|
@@ -606,21 +606,21 @@ infrastructure: {
|
|
| 606 |
security: {
|
| 607 |
title:"Security & Compliance", color:"var(--c-sec)",
|
| 608 |
overview:{
|
| 609 |
-
purpose:"Applied AT every layer independently β auth at the API gateway, PII redaction in orchestration, output validation at presentation,
|
| 610 |
components:[
|
| 611 |
"Authentication β OAuth2, OIDC, JWT, SAML, Keycloak",
|
| 612 |
"Authorization β RBAC, ABAC, OPA policies, row-level security",
|
| 613 |
"AI Safety β Llama Guard 3, NeMo Guardrails, Claude built-in moderation",
|
| 614 |
"PII detection & redaction β Presidio, custom NER, regex (multi-language DE/NL/FR)",
|
| 615 |
"Prompt injection defense β input sanitization, output validation, sandwich defense",
|
| 616 |
-
"
|
| 617 |
"Data residency / sovereignty β DE vs NL vs FR data routing (critical for multi-country)",
|
| 618 |
"Rate limiting & abuse prevention β per-user, per-model, per-endpoint",
|
| 619 |
"Cost controls β budget caps per user/team, model access policies",
|
| 620 |
"Content moderation β toxicity, bias, factuality scoring"
|
| 621 |
]
|
| 622 |
},
|
| 623 |
-
stack:["OAuth2","JWT","Keycloak","OPA","Llama Guard 3","NeMo Guardrails","Presidio","RBAC","ABAC","
|
| 624 |
code:`<span class="c"># multi-layer security: applied at each layer</span>
|
| 625 |
|
| 626 |
<span class="c"># β Presentation: rate limit</span>
|
|
@@ -653,7 +653,7 @@ db = get_db_for_country(user.country)
|
|
| 653 |
<rect x="30" y="60" width="290" height="14" rx="3" fill="none" stroke="#7c5cfc" stroke-width="0.8"/>
|
| 654 |
<text x="175" y="70" text-anchor="middle" fill="#6a7a9b" font-size="6" font-family="IBM Plex Mono">LLM: guardrails, output validation, cost caps</text>
|
| 655 |
<rect x="30" y="78" width="290" height="14" rx="3" fill="none" stroke="#f5a623" stroke-width="0.8"/>
|
| 656 |
-
<text x="175" y="88" text-anchor="middle" fill="#6a7a9b" font-size="6" font-family="IBM Plex Mono">Data: encryption, residency,
|
| 657 |
</svg>`
|
| 658 |
},
|
| 659 |
|
|
|
|
| 376 |
|
| 377 |
<span class="t">@tool</span>
|
| 378 |
<span class="k">def</span> <span class="f">search_catalog</span>(query: str) -> str:
|
| 379 |
+
<span class="s">"""Search product catalog."""</span>
|
| 380 |
<span class="k">return</span> catalog.search(query, limit=<span class="f">10</span>)
|
| 381 |
|
| 382 |
<span class="t">@tool</span>
|
|
|
|
| 486 |
"Graph β Neo4j, ArangoDB (knowledge graphs, entity relationships)",
|
| 487 |
"Document β MongoDB, Elasticsearch (full-text + BM25)",
|
| 488 |
"Cache β Redis, DragonflyDB, Memcached (hot tier)",
|
| 489 |
+
"Object/File β MinIO (S3-compat, S3 Object Lock for WORM/GDPR)",
|
| 490 |
"Ingestion pipeline β web scraping, XML/RSS feeds, PDF parsing, OCR",
|
| 491 |
"Chunking strategies β fixed-size, semantic, parent-child, recursive",
|
| 492 |
"Data versioning β DVC, lakeFS (reproducible experiments)",
|
|
|
|
| 580 |
image: <span class="s">minio/minio:latest</span>
|
| 581 |
command: <span class="s">server /data --console-address ":9001"</span>
|
| 582 |
environment:
|
| 583 |
+
- <span class="s">MINIO_OBJECT_LOCKING=on</span> <span class="c"># WORM for GDPR</span>`,
|
| 584 |
patterns:`<svg viewBox="0 0 340 90" xmlns="http://www.w3.org/2000/svg">
|
| 585 |
<text x="8" y="14" fill="#38bdf8" font-size="8" font-family="IBM Plex Mono" font-weight="600">Deployment Pipeline</text>
|
| 586 |
<rect x="8" y="28" width="55" height="22" rx="4" fill="none" stroke="#6a7a9b" stroke-width="1"/>
|
|
|
|
| 606 |
security: {
|
| 607 |
title:"Security & Compliance", color:"var(--c-sec)",
|
| 608 |
overview:{
|
| 609 |
+
purpose:"Applied AT every layer independently β auth at the API gateway, PII redaction in orchestration, output validation at presentation, GDPR compliance in data, cost controls per user.",
|
| 610 |
components:[
|
| 611 |
"Authentication β OAuth2, OIDC, JWT, SAML, Keycloak",
|
| 612 |
"Authorization β RBAC, ABAC, OPA policies, row-level security",
|
| 613 |
"AI Safety β Llama Guard 3, NeMo Guardrails, Claude built-in moderation",
|
| 614 |
"PII detection & redaction β Presidio, custom NER, regex (multi-language DE/NL/FR)",
|
| 615 |
"Prompt injection defense β input sanitization, output validation, sandwich defense",
|
| 616 |
+
"GDPR compliance β workflows, audit trails, data residency per country",
|
| 617 |
"Data residency / sovereignty β DE vs NL vs FR data routing (critical for multi-country)",
|
| 618 |
"Rate limiting & abuse prevention β per-user, per-model, per-endpoint",
|
| 619 |
"Cost controls β budget caps per user/team, model access policies",
|
| 620 |
"Content moderation β toxicity, bias, factuality scoring"
|
| 621 |
]
|
| 622 |
},
|
| 623 |
+
stack:["OAuth2","JWT","Keycloak","OPA","Llama Guard 3","NeMo Guardrails","Presidio","RBAC","ABAC","GDPR","S3 Object Lock"],
|
| 624 |
code:`<span class="c"># multi-layer security: applied at each layer</span>
|
| 625 |
|
| 626 |
<span class="c"># β Presentation: rate limit</span>
|
|
|
|
| 653 |
<rect x="30" y="60" width="290" height="14" rx="3" fill="none" stroke="#7c5cfc" stroke-width="0.8"/>
|
| 654 |
<text x="175" y="70" text-anchor="middle" fill="#6a7a9b" font-size="6" font-family="IBM Plex Mono">LLM: guardrails, output validation, cost caps</text>
|
| 655 |
<rect x="30" y="78" width="290" height="14" rx="3" fill="none" stroke="#f5a623" stroke-width="0.8"/>
|
| 656 |
+
<text x="175" y="88" text-anchor="middle" fill="#6a7a9b" font-size="6" font-family="IBM Plex Mono">Data: encryption, residency, GDPR AI ACT</text>
|
| 657 |
</svg>`
|
| 658 |
},
|
| 659 |
|