Seguridad y gobierno
Los datos permanecen en tu red.
La AI trabaja dentro de permisos.
ObjectOS es un runtime autohospedado que corre en tu infraestructura. Registros de negocio, identidades, auditoría, archivos y secretos siguen bajo tu control; los agentes de AI acceden a objetos mediante herramientas gobernadas y heredan permisos del usuario conectado.
- Agent
- inherits user identity
- Tool
- governed access path
- Audit
- approval and evidence
Modelo de seguridad para agentes de AI
Modelo de seguridad para agentes de AI
ObjectOS no trata al modelo como administrador. La AI usa herramientas declarativas, las entradas se validan, los cambios pasan por aprobación y cada llamada respeta el mismo sistema de permisos.
- 01
Acts as a user
An agent represents a signed-in user, not an unrestricted service account. If the user cannot see a record, the agent cannot see it either.
- 02
Uses governed tools
Agents call structured query, action, and metadata tools instead of owning a raw database connection or dumping whole tables into prompts.
- 03
Queues changes
Tools that modify metadata or sensitive state enter a pending-action queue so reviewers can inspect the diff before applying it.
- 04
Leaves evidence
Conversations, tool calls, reads, writes, approvals, rejections, and permission changes can be written to audit logs.
Residencia de datos
Residencia de datos
ObjectOS no exige mover datos de negocio a nuestra nube. El runtime se conecta a tus bases de datos, almacenamiento e identidad.
| Datos | Ubicación | ¿Sale de la red? |
|---|---|---|
| Business records | Your database | No |
| Users, sessions, OAuth tokens | Your database | No |
| Audit logs | Your database | No |
| Uploaded files | Local disk, S3, or R2 | No |
| Secrets and settings | Your secret manager or encrypted settings store | No |
| AI request context | Your chosen model provider or local model | Only if you configure an external model |
Límite de despliegue
Límite de despliegue
La forma predeterminada es amigable para redes empresariales: un runtime Node.js, tu base de datos, tus secretos y tu entrada. Entornos más estrictos pueden usar artefactos locales e imágenes offline.
VPC / private network
Run in your cloud account or private network with only required HTTP/HTTPS and database connectivity.
Local servers
Run with Docker, systemd, or your own platform while connecting local databases, object storage, and identity.
Air-gapped
Use offline container images and a local objectstack.json artifact with no cloud control plane or public internet requirement.
Local models
Point AI services at Ollama, vLLM, or internal model endpoints to keep business context inside your boundary.
FAQ de revisión de seguridad
FAQ de revisión de seguridad
Does ObjectOS phone home?
No. Unless you explicitly configure integrations such as OIDC, email, AI providers, webhooks, or external storage, ObjectOS does not phone home, check a license server, or collect telemetry.
What goes to a model provider?
Only the context required for the model task: conversation context, tool definitions, and necessary tool output. You can use an external model or configure a local model endpoint.
How do we limit agent writes?
Use read-only data sources, object permissions, field permissions, action permissions, and approval queues. Agents cannot bypass runtime permissions or silently apply structural changes.
Who owns TLS, database encryption, and secrets?
Those are deployment responsibilities. ObjectOS provides runtime authorization, audit, API key hashing, and settings encryption; your infrastructure owns TLS, at-rest database encryption, backups, and secret injection.
Is it suitable for regulated environments?
ObjectOS provides the technical primitives: access control, audit, data residency, and isolated deployment. Certification depends on your running deployment, not a binary alone.
Siguiente paso
Pon la revisión de seguridad primero, no después del piloto.
Confirma residencia de datos, permisos, auditoría y despliegue antes de conectar agentes de AI a datos reales.