The challenge
A European defence programme needed to deploy AI capabilities across multiple security classification levels. Analysts working at lower classifications needed access to models trained on higher-classification data, while the intelligence products flowing back had to respect strict cross-domain transfer policies.
Existing approaches required manual review of every cross-domain data transfer — a process that took weeks per request and created bottlenecks that made operational AI deployment impractical. Model governance compounded the problem: each security domain maintained its own model registry with no visibility into versions, approvals, or lineage across boundaries.
The result was an organisation with significant AI investment but no practical path to deploying models where they were needed most — at the operational edge, where classification boundaries intersect with time-critical decision support.
Our approach
We designed and built a gateway architecture that mediates AI inference across security domains, enforcing transfer policies automatically while providing unified model governance across all classification levels.
Policy-driven routing
The gateway evaluates each inference request against a declarative policy engine before routing it to the appropriate security domain. Policies encode what data can cross which boundaries, under what conditions, and with what transformations applied. Classification officers define policies once; the gateway enforces them continuously without per-request manual review.
This separation of policy from mechanism means new AI capabilities can be deployed without reopening the accreditation process — provided they operate within the bounds of existing approved policies.
Unified model governance
A single model registry spans all security domains, providing visibility into model versions, training provenance, approval status, and deployment state across the entire classification hierarchy. Models are promoted through a structured approval workflow that tracks lineage from training data through validation to operational deployment.
Each security domain retains sovereign control over what enters and leaves its boundary. The registry provides visibility, not bypass — governance officers see the full picture while domain authorities maintain their approval gates.
Controlled inference pipeline
When a request requires a model that resides in a higher-classification domain, the gateway orchestrates a controlled inference pipeline: the request is sanitised according to domain policy, routed to the model, and the response is evaluated against downgrade rules before delivery. The entire transaction is logged with full audit trail for compliance review.
Results
Model deployment across security domains reduced from weeks of manual coordination to days of automated policy evaluation. Capabilities that were previously confined to single domains became available across the programme, unlocking operational AI use cases that had been technically feasible but procedurally blocked.
The governance framework established the programme's first cross-domain AI model registry, providing classification officers and programme leadership with unified visibility into AI deployments across all security levels. This framework has since been adopted across multiple programmes within the organisation, becoming the standard approach to cross-domain AI governance.