Architecture / AIGIS resources
The safest AI write path treats model output as a proposal, not an action. A human confirms the change, and the system re-verifies permissions before execution.
Executive read
AI-generated mutations should be proposals until a human explicitly confirms them.
Permissions can change between proposal and approval.
AIGIS re-checks object, field, and record permissions at confirmation time.
The write audit record should include proposal, approval, permission check, and execution result.
Analysis
An AI can draft a write while the user has access, but that access may change before the user approves it. If the system only checks permissions at proposal time, it has a time-of-check/time-of-use gap.
AIGIS closes that gap by treating confirmation as a new governance event.
The model can describe the intended change, the affected system, the record, the fields, and the reason. That proposal is displayed to the user for explicit approval.
Only after approval does AIGIS re-check write permissions and call the target system. If any check fails, the write is denied and logged.
Enterprise users will not trust AI that silently mutates business systems. They will trust AI that clearly proposes, asks, verifies, executes, and records what happened.
Human-in-the-loop is not a UX afterthought. It is part of the security boundary.
Keep reading
Architecture
AIGIS records which systems were queried, which identities were used, which permissions were checked, and which fields were included or stripped.
Architecture
Why LLM field-level security should remove inaccessible fields before prompt construction instead of sending masked placeholders to the model.
Architecture
A practical architecture for enterprise AI governance middleware: identity resolution, live record checks, field stripping, model routing, write approvals, and audit provenance.