usp · how it works
Security Model Selection
One platform. Four security classes. Automatic AI model choice per context — not a setting but architecture.
section b
The principle in one paragraph
No cloud provider is right for everything. And no self-hosted model is powerful enough for every task. Our architecture acknowledges that: we choose the AI model per task and per data sensitivity. A router decides, before every AI call, which provider may respond — based on the data class of the item at hand.
section c
The four data classes (L0–L3)
What belongs where, and who may see it?
| Class | Label | What belongs here | Who may see it |
|---|---|---|---|
| L0 | Public | News articles, parliamentary papers, public reports, social posts | Anyone with an account always logged |
| L1 | Confidential | Internal files, preliminary policy notes, draft documents | Organisation + designated partners always logged |
| L2 | Secret | PII, medical info, complaint files with personal data | Strict need-to-know always logged |
| L3 | Special category | Special-category personal data (ethnicity, religion, orientation, health) | Authorised roles only always logged |
section d
The model mapping
Which model may touch which class, and where does it run?
| Data class | AI provider | Hosting | Data relocation |
|---|---|---|---|
| L0Public | Frontier cloud (Claude, Mistral) | EU-region or NL | EU / NL |
| L1Confidential | EU-hosted cloud or self-hosted open model | EU-region or NL | EU / NL |
| L2Secret | Self-hosted open model (Llama, Qwen, Mistral) via Ollama | Client infrastructure or MurmurWorks OnPremise | Never leaves client |
| L3Special | Self-hosted, air-gapped | Offline, no outbound connections | Never leaves network segment |
Concretely: a complaint file with ethnic characteristics (L3) physically cannot reach a commercial cloud. A public news article (L0) may reach a frontier model. The choice is not a setting — it is architecture.
L2 — Geheim
PII, klacht- en meldingsdata
Persoonsgegevens, klachtdossiers, medische info. Draait op een zelf-gehost open model (Llama, Qwen, Mistral) via Ollama, binnen klant-infrastructuur of een MurmurWorks OnPremise-omgeving. Data verlaat de klantomgeving fysiek niet — ook niet voor embeddings of indexering. Strikt need-to-know toegang, altijd gelogd.
- AI-provider
- Zelf-gehost open model (Ollama)
- Hosting
- Klant-infrastructuur of MurmurWorks OnPremise
Eén platform. Vier veiligheidsklassen. De classificatie bepaalt automatisch welk AI-model de data mag raken. Geen instelling — architectuur.
section e
How it works technically
Harness engineering: the platform manages the models, not the other way round.
-
01
Model router
Every AI call passes a router that inspects data class before the call is executed.
-
02
Provider-agnostic
The orchestration platform is independent of which LLM sits beneath. LLMs are interchangeable; the harness is not.
-
03
Output validation
Every AI response is checked for schema, hallucinations and source attribution.
-
04
Fallback ladder
Provider outage → automatic degradation to next option within the same class.
-
05
Audit log
Every call recorded: which document, which model, which prompt, which response, which classification.
section f
Why it looks the way it does
Other vendors pick one cloud provider for everything. That works in commercial contexts, but not for the public sector — where security requirements vary per file.
Other vendors pick one self-hosted model for everything. That gives full sovereignty, but frontier models interpret public texts better than a local Llama model.
Our choice: the strength of both worlds, driven by data classes.
section g
Boundaries & honesty
- L0/L1 claims-where-possible: if data is ambiguous to classify, we pick the heavier class. Safer than faster.
- Provider mix can be expensive: cloud calls at L0 are cheap, but self-hosting at L2/L3 requires hardware at the client site.
- Models change: each quarter we evaluate which models per class are best. See the transparency report.
section h
Request the security dossier
Want the full technical underpinning? We provide a security dossier with router architecture, audit schemas and provider contracts.
Request security dossier