Security by sovereignty. Sealed, attested, offline.
8 control domains, 40 specific controls, enforced by architecture inside the Mickai Sovereign Intelligence Operating System. It runs air-gapped on hardware you own with zero data egress, signs every action before it executes, seals it to a post-quantum Open Audit Record, attests the hardware it runs on, and hands the keys to the operator. The largest attack surface in conventional AI, the path to a vendor, is removed.
What is the Mickai security model?
Mickai's security model is sovereignty by architecture. The Sovereign Intelligence Operating System runs on hardware the customer owns, air-gapped by default with zero data egress, so the largest attack surface in conventional AI, the network path to a vendor, is removed by construction. Every action is signed before it executes and sealed to a tamper-evident, post-quantum Open Audit Record; hardware identity is attested through TPM 2.0 and measured boot; and a dedicated agent-safety layer quarantines prompt injection. The operator holds the keys.
How does Mickai defend against prompt injection and unsafe agent actions?
A dedicated agent-safety layer inspects every input and tool call, quarantines injection attempts, and enforces typed, allowlisted actions with a hard human-in-the-loop gate on anything consequential. Because the system runs behind the firewall with a gated egress perimeter, an injected instruction has nowhere to exfiltrate to, and every decision is sealed to the audit record for review.
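The pattern described above (typed, allowlisted tool calls, a human-in-the-loop gate on consequential actions, and a tamper-evident record of every decision) can be sketched as follows. This is an added example, not Mickai's code: the tool names, the `gate` and `AuditLog` names, and the use of a plain SHA-256 hash chain in place of signed, post-quantum sealing are all assumptions made for illustration.

```python
import hashlib
import json

# Hypothetical allowlist: tool name -> (parameter types, needs human approval).
ALLOWLIST = {
    "read_file":  ({"path": str}, False),
    "send_email": ({"to": str, "body": str}, True),   # consequential action
}

class AuditLog:
    """Append-only log; each entry's hash covers the previous entry's hash."""
    def __init__(self):
        self.entries = []

    @staticmethod
    def _digest(prev, record):
        body = json.dumps(record, sort_keys=True)
        return hashlib.sha256((prev + body).encode()).hexdigest()

    def append(self, record):
        prev = self.entries[-1]["hash"] if self.entries else "0" * 64
        self.entries.append({"prev": prev, "record": record,
                             "hash": self._digest(prev, record)})

    def verify(self):
        """Recompute the chain; any edited or reordered entry breaks it."""
        prev = "0" * 64
        for e in self.entries:
            if e["prev"] != prev or e["hash"] != self._digest(prev, e["record"]):
                return False
            prev = e["hash"]
        return True

def gate(call, log, approve=lambda call: False):
    """Return (allowed, reason). Default-deny: without an approver,
    no consequential action passes. Every decision is logged."""
    spec = ALLOWLIST.get(call.get("tool"))
    args = call.get("args", {})
    if spec is None:
        verdict = (False, "tool not allowlisted")
    elif not isinstance(args, dict) or set(args) != set(spec[0]):
        verdict = (False, "unexpected or missing parameter")
    elif not all(isinstance(args[k], t) for k, t in spec[0].items()):
        verdict = (False, "parameter type mismatch")
    elif spec[1] and not approve(call):
        verdict = (False, "human approval required")
    else:
        verdict = (True, "ok")
    log.append({"call": call, "allowed": verdict[0], "reason": verdict[1]})
    return verdict
```

Denied calls are logged as well as allowed ones, so a reviewer sees what an injected instruction tried to do, not only what ran.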
Who holds the encryption keys and the audit trail?
The operator does. Keys are generated and held on the customer's own hardware, encrypted at rest, and never escrowed to Mickai or any cloud. The Open Audit Record ledger is the customer's own, verifiable offline with the operator public key alone, so security and accountability sit with the organisation that bears the liability, not a vendor.