Semantic Guardrails

Implement AI-driven policies to protect sensitive data while allowing for flexible access controls.

1: Semantic Guardrails Architecture
2: Prerequisites for Semantic Guardrails
3: Setting up Semantic Guardrails
4: Running the Semantic Guardrails samples
5: Using the Semantic Guardrails APIs
6: Uninstalling Semantic Guardrails

Semantic Guardrails evaluates and mitigates risks in AI-generated content by scanning conversations for policy violations, sensitive data exposure, and off-topic responses. It enables organizations to enforce data protection policies, monitor data usage, and ensure compliance with regulatory requirements.

1 - Semantic Guardrails Architecture

Architecture of the Semantic Guardrails feature.

Protegrity’s GenAI Security Semantic Guardrails solution is a security guardrail engine for AI systems. It evaluates risks in GenAI chatbots, workflows, and agents through advanced semantic analytics and intent classification to detect potentially malicious messages. PII detection can also be leveraged for comprehensive security coverage.

The documentation here for Semantic Guardrails covers its specific requirements and relationship with AI Developer Edition. For more information, refer to the complete body of the Semantic Guardrails documentation.

Overview

Semantic Guardrails is trained on synthetic customer-service AI chatbot datasets. The system performs best when analyzing conversations expected to match the training domain, that is, English-language-based customer service interactions involving orders, tickets, and purchases.

For domain-specific and user-specific applications requiring high detection accuracy, fine-tuning is necessary to completely leverage the model’s ability. This helps the model to learn from expected conversation patterns and message structures in both the inputs and outputs of protected GenAI systems.

The system operates by analyzing conversations between participants. These participants are users and AI systems, such as LLMs, agents, or contextual information sources. Furthermore, the system utilizes Protegrity’s Data Discovery, if present in the same network environment, to leverage PII detection in its internal decision algorithm.

The solution provides individual message risk scores and classifications, and cumulative conversation risk scores and classifications. This dual-scoring approach ensures that while individual messages may appear benign, potentially risky cumulative conversation patterns are identified. This significantly enhances detection of sophisticated attack vectors, including LLM jailbreaks and prompt injection attempts.

Architecture

For more information about the general architecture and working of Semantic Guardrails, refer to General architecture of Semantic Guardrails.

2 - Prerequisites for Semantic Guardrails

Prerequisites for the Semantic Guardrails feature.

Ensure that the following prerequisites are met before running these examples for Semantic Guardrails:

Docker CLI, Docker Compose, and Python are installed. For more information, refer to AI Developer Edition, Pre-requisites Guide.
For shell samples: Bash version greater than or equal to 5.1.8 and curl version greater than or equal to 7.76.1.
For notebook samples: JupyterLab version greater than or equal to 4.5.6.

3 - Setting up Semantic Guardrails

Installation instructions for the Semantic Guardrails feature.

Use the containers to set up Semantic Guardrails components required for identifying sensitive data.

Open a command prompt.
Navigate to the cloned repository location for protegrity-ai-developer-edition.
Run the following command to download and start the containers. The dependent containers are large in size. Based on the network connection, the containers might take time to download and deploy.
```
cd semantic-guardrail
docker compose up -d
```
Based on your configuration use the docker-compose up -d command. Ensure that you bring down the containers using docker compose down before switching between starting just Data Discovery containers or Data Discovery and Semantic Guardrails containers.
Note: By default images are obtained from ghcr.io. To obtain images from public.ecr.aws, navigate to the semantic-guardrail directory and copy the .env.example file to .env. Open the .env file and uncomment the REGISTRY=public.ecr.aws/protegrity-ai-developer-edition line in the file. Save the file and run the docker compose up -d command to download and start the containers.
Verify that the containers started successfully.

docker compose logs

Set up the Jupyter notebook for working with the notebooks provided from the cloned repository location for protegrity-ai-developer-edition.
```
pip install -r shared/requirements.txt
```

Open a command prompt.
Navigate to the cloned repository location for protegrity-ai-developer-edition.
If the step to stop containers was missed earlier, then use the following commands to identify and remove the AI Developer Edition containers.
```
docker compose down --remove-orphans
```

Delete the docker network resources.

docker network rm -f <network_name_or_id>

For example,

docker network rm -f protegrity-network

Run the following command to download and start the containers. The dependent containers are large in size. Based on the network connection, the containers might take time to download and deploy.
```
cd semantic-guardrail
docker compose up -d
```
Based on your configuration use the docker-compose up -d command. Ensure that you bring down the containers using docker compose down before switching between starting just Data Discovery containers or Data Discovery and Semantic Guardrails containers.
Verify that the containers started successfully.
```
docker compose logs
```
Set up the Jupyter notebook for working with the notebooks provided from the cloned repository location for protegrity-ai-developer-edition.
```
pip install -r shared/requirements.txt
```

4 - Running the Semantic Guardrails samples

Instructions for running the Semantic Guardrails samples.

The example scripts under the semantic-guardrail/ folder demonstrate the usage of Semantic Guardrails APIs. For more information about the Semantic Guardrails APIs, refer to the section Semantic Guardrails APIs.

Note: A dedicated semantic-guardrail/docker-compose.yml is provided to start the Data Discovery and the Semantic Guardrails services.

Open a command prompt.
Navigate to the directory where AI Developer Edition is cloned.
Run the following command to test Semantic Guardrails using Python scripts. The following command submits a multi-turn conversation for analysis. One for semantic and a second one for PII processing.
```
python semantic-guardrail/samples/python/sample-guardrail-python.py
```
Run the following command to start Jupyter Lab for running Semantic Guardrails.
```
jupyter lab
```
Copy the URL displayed and navigate to the site from a web browser. Ensure that localhost is replaced with the IP address of the system where the AI Developer Edition is set up.
In the left pane of the Jupyter Lab, navigate to semantic-guardrail/samples/python/sample-app-semantic-guardrails.
Open the Sample Application.ipynb file.
Click the Play icon and follow the prompts in the Jupyter Lab.

5 - Using the Semantic Guardrails APIs

Listing the APIs for the Semantic Guardrails feature.

Semantic Guardrails has the following types of API Endpoints:

Scan API to scan and classify sensitive data.
Domain Model API to view the domain models available.

For more information about Semantic Guardrails APIs, refer to the complete body of the Semantic Guardrails documentation.

6 - Uninstalling Semantic Guardrails

Instructions for uninstalling the Semantic Guardrails feature.

Open a command prompt.
Navigate to the cloned repository location.
Navigate to the semantic-guardrails directory.
```
cd semantic-guardrail
```
Run the following command to remove the containers and images.
```
docker compose down --rmi all
```