Security
Introduction
The Security module in Serenity* AI Hub ensures that your AI agents operate safely and efficiently by providing control over resource usage, protecting sensitive data, and restricting access based on domain. These features are designed to safeguard both the integrity of the AI and the privacy of user interactions.
How to Use
- Access Serenity* AI Hub
- Navigate to the AI Agents tab
- Select the agent you want to configure
- Access the Security tab within the agent designer to manage and control the resources used by your AI agents.
Available Features
The following features are available:
Execution Limits
Execution limits help manage resource usage by setting constraints on how frequently an agent can execute tasks, ensuring optimal performance and preventing system overload.
- Executions Per Minute: Limit the number of agent executions allowed per minute to prevent excessive use.
- Quota Limit Per Conversation (Assistant agents only): Define a maximum quota for each conversation to control costs.
- Maximum Number of User Messages (Assistant agents only): Set an upper limit on messages a user can send within the same conversation.
- Monthly Quota Limit: Establish a monthly maximum limit for agent usage to manage overall consumption.
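As an added illustration of how the four limits above interact (this is example code, not Serenity* AI Hub's implementation), the enforcer below checks every limit before an execution and records usage only when all of them pass. The class names, the cost units and the "YYYY-MM" month key are assumptions made for the demonstration.

```python
"""Illustration of how the four execution limits above could be enforced together.

Added example, not Serenity* AI Hub code: the class names, the cost units and the
"YYYY-MM" month key are assumptions made for the demonstration.
"""
from collections import deque
from dataclasses import dataclass, field


@dataclass(frozen=True)
class ExecutionLimits:
    executions_per_minute: int      # sliding one-minute window, all conversations
    quota_per_conversation: float   # cost units per conversation (Assistant agents only)
    max_user_messages: int          # user messages per conversation (Assistant agents only)
    monthly_quota: float            # cost units per calendar month, all conversations


@dataclass
class _Counters:
    recent: deque = field(default_factory=deque)               # timestamps of executions in the last minute
    conversation_cost: dict = field(default_factory=dict)      # conversation id -> cost spent
    conversation_messages: dict = field(default_factory=dict)  # conversation id -> user messages sent
    monthly_cost: dict = field(default_factory=dict)           # "YYYY-MM" -> cost spent


class LimitEnforcer:
    """Checks every limit before an execution and only records usage when all of them pass."""

    def __init__(self, limits: ExecutionLimits):
        self.limits = limits
        self.counters = _Counters()

    def blocking_limit(self, now: float, month: str, conversation_id: str, cost: float):
        """Return the name of the first limit that would be exceeded, or None if the
        execution may proceed. `now` is a timestamp in seconds; `cost` is the estimated
        quota cost of this execution."""
        c = self.counters
        # Drop executions that have fallen out of the one-minute window.
        while c.recent and now - c.recent[0] >= 60:
            c.recent.popleft()
        if len(c.recent) >= self.limits.executions_per_minute:
            return "executions_per_minute"
        if c.conversation_messages.get(conversation_id, 0) + 1 > self.limits.max_user_messages:
            return "max_user_messages"
        if c.conversation_cost.get(conversation_id, 0.0) + cost > self.limits.quota_per_conversation:
            return "quota_per_conversation"
        if c.monthly_cost.get(month, 0.0) + cost > self.limits.monthly_quota:
            return "monthly_quota"
        return None

    def execute(self, now: float, month: str, conversation_id: str, cost: float):
        """Attempt one execution. Returns None when it was allowed (and recorded),
        otherwise the name of the limit that rejected it; rejected attempts are not counted."""
        blocked = self.blocking_limit(now, month, conversation_id, cost)
        if blocked is not None:
            return blocked
        c = self.counters
        c.recent.append(now)
        c.conversation_messages[conversation_id] = c.conversation_messages.get(conversation_id, 0) + 1
        c.conversation_cost[conversation_id] = c.conversation_cost.get(conversation_id, 0.0) + cost
        c.monthly_cost[month] = c.monthly_cost.get(month, 0.0) + cost
        return None


if __name__ == "__main__":
    enforcer = LimitEnforcer(ExecutionLimits(3, 10.0, 5, 25.0))
    for t in (0, 1, 2, 3):
        print(t, enforcer.execute(t, "2024-01", "conv-a", 1.0))  # fourth call in the same minute is refused
```

The per-minute window and the monthly quota are shared across all conversations, while the message count and the per-conversation quota are keyed by conversation, which is why one chatty conversation can be stopped without affecting the others.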
Sensitive Data Obfuscation
Protecting user privacy and sensitive information is crucial. The data obfuscation feature masks sensitive data to prevent unauthorized access or misuse. When enabled, the system will automatically obfuscate sensitive details in user messages and inputs, ensuring that only necessary information is exposed.
You can fully customize how the agent detects and processes sensitive data. Each category can be individually activated and tuned with its own threshold between 0 and 1. Lower threshold values (closer to 0) cause more data to be obfuscated, whereas higher values (closer to 1) cause less data to be obfuscated.
Obfuscated data can be monitored in each instance of the agent.
In this example the input was:
    {
      "Input": [
        {
          "Key": "name",
          "Value": "Virgil Van Gomes"
        },
        {
          "Key": "creditcard",
          "Value": "1111 2222 3333 4444"
        },
        {
          "Key": "offers",
          "Value": ["Clothes", "Sports", "My phone number is 0303 4567658"]
        },
        {
          "Key": "channel",
          "Value": "WebAppPreview"
        }
      ]
    }
The credit card number and the phone number were obfuscated in the input. The name in the input wasn't initially obfuscated but was later obfuscated in the system context.
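The example below is added here to show the threshold mechanism described above on a payload constructed to mirror the sample input; it is not Serenity* AI Hub's detector. The per-category detectors, the confidence scores they assign and the [REDACTED:category] marker are all assumptions made for the demonstration. With the default thresholds the card number and the phone number are masked while the low-confidence name match passes through, which matches the behaviour shown above; lowering the thresholds masks the name as well.

```python
"""Threshold-driven obfuscation of the categories shown in the example above.

Added example, not Serenity* AI Hub code. The detectors, the confidence scores they
assign and the [REDACTED:category] marker are assumptions made for the demonstration;
SAMPLE_INPUT is constructed to mirror the payload shown on the page.
"""
import copy
import re

SAMPLE_INPUT = {
    "Input": [
        {"Key": "name", "Value": "Virgil Van Gomes"},
        {"Key": "creditcard", "Value": "1111 2222 3333 4444"},
        {"Key": "offers", "Value": ["Clothes", "Sports", "My phone number is 0303 4567658"]},
        {"Key": "channel", "Value": "WebAppPreview"},
    ]
}

# Detection threshold per category; a category that is absent is disabled.
DEFAULT_THRESHOLDS = {"creditcard": 0.6, "phone": 0.6, "name": 0.6}

CARD_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")        # 13-19 digits with optional separators
PHONE_RE = re.compile(r"\b\d{2,4}[ -]?\d{6,8}\b")         # e.g. "0303 4567658"
NAME_RE = re.compile(r"\b[A-Z][a-z]+(?: [A-Z][a-z]+){1,2}\b")  # two or three capitalised words


def luhn_valid(digits: str) -> bool:
    """Luhn checksum; passing it raises confidence that a digit run is a card number."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def _card_confidence(match, text):
    digits = re.sub(r"\D", "", match.group(0))
    return 0.9 if luhn_valid(digits) else 0.6


def _phone_confidence(match, text):
    # Surrounding wording such as "phone" makes the match more credible.
    return 0.85 if "phone" in text.lower() else 0.6


def _name_confidence(match, text):
    return 0.5  # capitalised-word heuristic only, so deliberately low


# Order matters: the most specific detector runs first so its span is already
# masked before looser patterns see the text.
DETECTORS = [
    ("creditcard", CARD_RE, _card_confidence),
    ("phone", PHONE_RE, _phone_confidence),
    ("name", NAME_RE, _name_confidence),
]


def obfuscate_text(text: str, thresholds: dict) -> str:
    """Mask every match whose confidence reaches its category's threshold.
    Lowering a threshold therefore masks more; raising it masks less."""
    for category, pattern, confidence in DETECTORS:
        threshold = thresholds.get(category)
        if threshold is None:
            continue  # category disabled

        def mask(m):
            return f"[REDACTED:{category}]" if confidence(m, text) >= threshold else m.group(0)

        text = pattern.sub(mask, text)
    return text


def obfuscate_value(value, thresholds: dict):
    """Walk strings, lists and dicts so nested inputs such as "offers" are covered."""
    if isinstance(value, str):
        return obfuscate_text(value, thresholds)
    if isinstance(value, list):
        return [obfuscate_value(v, thresholds) for v in value]
    if isinstance(value, dict):
        return {k: obfuscate_value(v, thresholds) for k, v in value.items()}
    return value


def obfuscate_input(payload: dict, thresholds: dict = DEFAULT_THRESHOLDS) -> dict:
    """Return an obfuscated copy of the payload; the original is left untouched."""
    return obfuscate_value(copy.deepcopy(payload), thresholds)


if __name__ == "__main__":
    print(obfuscate_input(SAMPLE_INPUT))
    print(obfuscate_input(SAMPLE_INPUT, {"creditcard": 0.4, "phone": 0.4, "name": 0.4}))
```

Because a category's detector returns a score rather than a yes/no, the threshold is the single knob that trades missed sensitive values against over-masking of harmless text; the card detector shows this directly, since a digit run that fails the Luhn check is masked at a threshold of 0.6 but left alone at 0.7.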
Domains
Restricting the origin of requests to specific domains is essential for maintaining control over where and how your AI agents are accessed. Configure a list of allowed domains to ensure that agents only respond to requests from trusted sources.
- Restrict Origin: Specify which domains are permitted to interact with your agents, blocking requests from unapproved sources.
- Manage Allowed Domains: Easily add or remove domains from the approved list as needed to maintain security compliance.
A header with the key Origin must be included in the request, specifying the origin of the request.
Example: If the allowed domain is https://www.mywebpage.com, the following origins would be permitted:
- https://www.mywebpage.com
- https://mywebpage.com/subdomain
- https://subdomain.mywebpage.com
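The check below is an added example of an allow-list matcher that accepts exactly the three origin forms listed above for the configured domain; it is not Serenity* AI Hub's own code. It assumes that a leading "www." on the configured entry is ignored, that the Origin host must equal the configured domain or be a subdomain of it, and that the scheme must match the configured entry; those three rules are the example's own reading of the page.

```python
"""Allow-list check for the Origin header, accepting the origin forms listed above.

Added example, not Serenity* AI Hub code. Assumptions: a leading "www." on the
configured entry is ignored, the Origin host must equal the configured domain or
be a subdomain of it, and the scheme must match the configured entry.
"""
from urllib.parse import urlsplit

# Constructed configuration, matching the page's example.
ALLOWED_DOMAINS = ["https://www.mywebpage.com"]


def normalize_allowed(entry: str):
    """Return (scheme, host) for a configured allowed domain, dropping a leading
    'www.' so the bare domain and its subdomains are matched as well."""
    parts = urlsplit(entry if "://" in entry else "https://" + entry)
    host = (parts.hostname or "").lower().rstrip(".")
    if host.startswith("www."):
        host = host[4:]
    return parts.scheme.lower(), host


def origin_allowed(origin_header, allowed_domains=ALLOWED_DOMAINS) -> bool:
    """True if the request's Origin header names an allowed domain or one of its subdomains.
    A missing header, the literal 'null' origin and non-HTTP schemes are rejected."""
    if not origin_header or origin_header.strip().lower() == "null":
        return False
    parts = urlsplit(origin_header.strip())
    scheme = parts.scheme.lower()
    if scheme not in ("http", "https") or not parts.hostname:
        return False
    host = parts.hostname.lower().rstrip(".")  # hostname drops any port and path
    for entry in allowed_domains:
        allowed_scheme, allowed_host = normalize_allowed(entry)
        if scheme != allowed_scheme or not allowed_host:
            continue
        # Exact match or a label boundary before the allowed domain; a plain
        # endswith() would also accept "evilmywebpage.com".
        if host == allowed_host or host.endswith("." + allowed_host):
            return True
    return False


if __name__ == "__main__":
    for origin in (
        "https://www.mywebpage.com",
        "https://mywebpage.com/subdomain",
        "https://subdomain.mywebpage.com",
        "https://mywebpage.com.example.net",
        "https://evilmywebpage.com",
        "http://www.mywebpage.com",
        None,
    ):
        print(origin, "->", origin_allowed(origin))
```

The matcher compares hosts on label boundaries, so a host that merely contains the allowed domain as a suffix of a longer label, or that has it as a prefix of a longer name, is refused. Browsers set the Origin header themselves and web pages cannot change it, which is what makes the domain list effective for browser-embedded agents; a non-browser client can send any Origin value, so the list scopes where the agent is embedded rather than authenticating the caller, and the execution limits and obfuscation above still apply to whatever traffic gets through.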