CID222 Documentation

Architecture

CID222 is designed as a high-performance gateway that sits between your applications and LLM providers, providing real-time content safety without compromising latency.

System Overview

The CID222 architecture consists of several key components working together to provide comprehensive AI privacy protection:

  • API Gateway — Entry point for all requests, handles authentication, rate limiting, and routing
  • Content Safety Pipeline — Multi-layer detection and filtering engine
  • Provider Factory — Manages connections to multiple LLM providers
  • Session Manager — Handles conversation context and history
  • Audit Logger — Records all requests, detections, and actions for compliance

Request Flow

When a request arrives at CID222, it flows through the following stages:

  1. Authentication — JWT/API key validation and tenant identification
  2. Input Analysis — Content passes through the safety pipeline
  3. Policy Evaluation — Configured rules determine actions (mask, reject, flag)
  4. Provider Routing — Request forwarded to appropriate LLM with sanitized content
  5. Response Analysis — Output checked for leaked sensitive data
  6. Logging — Full audit trail recorded for compliance

Latency

The entire safety pipeline adds less than 150ms overhead to typical requests, ensuring your applications remain responsive.

Core Services

API Gateway

The gateway handles all incoming traffic with features including:

  • Request validation and transformation
  • Rate limiting per tenant/API key
  • Load balancing across multiple instances
  • TLS termination and certificate management

Detection Engines

CID222 employs multiple detection engines working in parallel:

  • Regex Engine — Pattern-based detection for structured data (emails, phone numbers, credit cards)
  • NER Engine — Named Entity Recognition for names, locations, organizations
  • Content Classifier — ML-based classification for toxicity, hate speech, and other harmful content
  • Jailbreak Detector — Specialized model for prompt injection attempts
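
The following is an added example, not CID222's own code: a minimal sketch of how regex detection can feed the policy step from the request flow (mask or reject) before a prompt is forwarded to a provider. The patterns, the `POLICY` table, and all function names are assumptions made for illustration; a Luhn check is included because digit runs such as order numbers would otherwise be treated as card numbers.

```python
import re

# Hypothetical patterns and policy table; the product's real rules are not shown on the page.
PATTERNS = {
    "EMAIL": re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b"),
    "CREDIT_CARD": re.compile(r"\b\d(?:[ -]?\d){12,18}\b"),
}
POLICY = {"EMAIL": "mask", "CREDIT_CARD": "reject"}  # action per entity type


def luhn_ok(digits: str) -> bool:
    """Luhn checksum, used to drop digit runs that are not card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def detect(text):
    """Return (entity_type, start, end) for every validated match, in order."""
    hits = []
    for etype, pattern in PATTERNS.items():
        for m in pattern.finditer(text):
            if etype == "CREDIT_CARD" and not luhn_ok(re.sub(r"\D", "", m.group())):
                continue  # false positive: right shape, wrong checksum
            hits.append((etype, m.start(), m.end()))
    return sorted(hits, key=lambda h: h[1])


def apply_policy(text):
    """Return (decision, sanitized_text, detections) for one prompt."""
    hits = detect(text)
    if any(POLICY.get(h[0]) == "reject" for h in hits):
        return "reject", None, hits  # nothing is forwarded to the provider
    # Replace from the end so earlier offsets stay valid.
    for etype, start, end in reversed(hits):
        if POLICY.get(etype) == "mask":
            text = text[:start] + f"[{etype}]" + text[end:]
    return ("mask" if hits else "allow"), text, hits


# Constructed sample prompts.
SAMPLES = [
    "Email alice@example.com about order 1234567890123",
    "Charge card 4111 1111 1111 1111 today",
]
```

The detections list is returned even on reject so that the logging stage can record what was found without storing the raw value.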

Provider Factory

The provider factory abstracts connections to different LLM providers:

  • Unified interface for OpenAI, Anthropic, Google, Azure
  • Automatic credential resolution based on tenant configuration
  • Connection pooling and retry logic
  • Model availability checking

Data Storage

CID222 uses PostgreSQL for persistent storage with the following data organization:

  • Tenant Data — User accounts, credentials, and configurations
  • Session Data — Conversation history and context (JSONB)
  • Detection Logs — All detected entities and actions taken
  • Audit Trail — Complete request/response logs for compliance

Data Retention

Detection logs and audit trails are retained according to your configured policy. Default retention is 90 days for Enterprise plans.

Caching Layer

Redis provides high-performance caching for:

  • Session context (reducing database load)
  • Rate limiting counters
  • Filter pattern compilation results
  • Provider health status

Async Processing

Background tasks are handled via a queue system for:

  • Deep risk analysis on flagged content
  • Batch detection statistics aggregation
  • Report generation
  • Webhook delivery

Deployment Options

CID222 supports multiple deployment models:

  • SaaS (Cloud) — Fully managed service with automatic updates
  • Hybrid — Cloud control plane with on-premises data processing
  • On-Premises — Full deployment within your infrastructure
  • Air-Gapped — Isolated deployment with no external connectivity