Security model
Defence in depth: identity → network → compute → storage → keys → audit.
What it is
Security at AIARCO is layered: any single failure must not lead to a tenant breach. Six layers, in order:
- Identity — every request is authenticated, every action authorised by scope.
- Network — TLS 1.3 only on the control plane, mTLS between control plane and workers, per-project CORS allow-list and optional IP allow-list.
- Compute — VM-grade isolation for sandboxes; per-GPU isolation for inference; kernel-hardened nodes; signed base images.
- Storage — tenant-scoped key namespace; AES-256-GCM at rest; KMS-backed envelope keys; optional BYOK.
- Keys — short-lived JWTs for browsers, scoped API keys for machines, immediate revocation, audit on every read.
- Audit — every state-changing call logged with actor, IP, request-ID and resource ID. 365-day hot retention.
Plus a supply-chain floor: builds run on SLSA-3 builders; every base image is signed; SBOM published per release.
Quickstart
# Verify a build's SLSA provenance
asc supply-chain verify ghcr.io/aiarco/asc-runtime:2026.5client.audit.events.list(actor='alice@example.com', since='-24h')await client.audit.events.list({ actor: 'alice@example.com', since: '-24h' });