Security Model Overview for Users
Who this is for
Anyone evaluating CloudAIPilot's security posture, onboarding to a production environment, or wanting to understand what security protections are in place by default.
What you will complete
Understand the key security mechanisms in CloudAIPilot, what is protected, who can access what, and where the security controls live.
Security in four layers
CloudAIPilot's security model is built in four layers:
Layer 1: Authentication and session security
- Multi-factor authentication via Google SSO or GitHub SSO (both use the provider's own security hardening).
- Email/password accounts use bcrypt-hashed passwords with rate limiting on failed login attempts.
- Session tokens use short-lived signed JWTs. Sessions expire automatically.
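To make concrete what "short-lived signed JWTs" protects against, here is an added example of a session token that is signed with HMAC-SHA256 and carries an expiry claim, using only the Python standard library. It is illustrative code written for this page, not CloudAIPilot's implementation; the signing key, the 15-minute lifetime and the claim names are assumptions. A verifier that checks the signature before trusting any claim, and then checks `exp` against the current time, rejects both forged and stale tokens.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

# Constructed key for this example only; a real deployment keeps the key in a secrets store.
SIGNING_KEY = b"example-signing-key-not-for-production"
# Assumed session lifetime; the page only says sessions are short-lived and expire automatically.
SESSION_TTL_SECONDS = 15 * 60


def _b64url(data: bytes) -> str:
    """JWT uses unpadded base64url encoding."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _json_segment(obj: dict) -> str:
    return _b64url(json.dumps(obj, separators=(",", ":")).encode())


def mint_session_token(user_id: str, now: Optional[int] = None) -> str:
    """Issue a signed token whose 'exp' claim limits how long it can be used."""
    now = int(time.time()) if now is None else now
    header = {"alg": "HS256", "typ": "JWT"}
    payload = {"sub": user_id, "iat": now, "exp": now + SESSION_TTL_SECONDS}
    signing_input = f"{_json_segment(header)}.{_json_segment(payload)}"
    signature = hmac.new(SIGNING_KEY, signing_input.encode(), hashlib.sha256).digest()
    return f"{signing_input}.{_b64url(signature)}"


def verify_session_token(token: str, now: Optional[int] = None) -> Optional[dict]:
    """Return the payload only if the signature is valid and the token has not expired.

    Any parse failure, algorithm mismatch, bad signature or missing/expired 'exp' yields None.
    """
    now = int(time.time()) if now is None else now
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(_b64url_decode(header_b64))
        # Pin the algorithm so an attacker-supplied header (e.g. "none") is not honoured.
        if header.get("alg") != "HS256":
            return None
        expected = hmac.new(
            SIGNING_KEY, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256
        ).digest()
        # Constant-time comparison avoids leaking signature bytes through timing.
        if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
            return None
        payload = json.loads(_b64url_decode(payload_b64))
    except ValueError:  # covers malformed base64 and malformed JSON
        return None
    # Expiry is enforced only after the signature is trusted; a token with no 'exp' is rejected.
    exp = payload.get("exp")
    if not isinstance(exp, int) or now >= exp:
        return None
    return payload


if __name__ == "__main__":
    issued_at = 1_700_000_000  # constructed timestamp
    token = mint_session_token("user-123", now=issued_at)
    print("fresh token:", verify_session_token(token, now=issued_at + 60))
    print("after expiry:", verify_session_token(token, now=issued_at + SESSION_TTL_SECONDS))
```

The order of checks matters: the signature is verified before any claim is read, so an attacker cannot extend a session by editing `exp`, and the algorithm is pinned so the header cannot downgrade verification.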
- New login notifications — a notification fires whenever a new login occurs from an unrecognized device or location.
Layer 2: Role-based access control
Four roles (Owner, Admin, Member, Viewer) with distinct permission levels. See KB-09-02 for the full permission matrix.
Key protections:
- Viewers cannot make any changes — read-only access strictly enforced.
- Destructive actions (delete server, delete site) require Owner or Admin role.
- AI Pilot write actions respect role boundaries — Members cannot approve infrastructure actions above their permission level.
Layer 3: Data encryption
- Secrets at rest — environment variables, cloud API keys, SSH private keys, and notification channel credentials are encrypted at rest. They are never stored in plain text.
- Post-Quantum Cryptography (PQC) — the control channel between the CloudAIPilot platform and the server agent uses ML-KEM-768 post-quantum key encapsulation. This protects the channel against future quantum computing attacks. See KB-11-03.
- HTTPS everywhere — all communication between your browser and the platform uses TLS 1.3.
Layer 4: Operational guardrails
- Approval gates for AI actions — no AI-initiated write action executes without explicit human approval.
- Production Protection — prevents AI from touching production servers.
- Safe delete with grace periods — destructive operations have confirmation requirements and in some cases a grace period before permanent deletion.
- Immutable audit trail — every action is logged permanently and cannot be modified.
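The Layer 2 rules (Viewers are read-only, destructive actions need Owner or Admin, Members cannot approve actions above their level) and the Layer 4 approval gate and Production Protection compose into one decision procedure. The following added example models that composition in Python; it is illustrative code written for this page, not CloudAIPilot's implementation. The role ordering, the action catalogue and the minimum role per action are assumptions made for the example, and the full permission matrix remains KB-09-02.

```python
from dataclasses import dataclass
from typing import Optional

# Assumed ordering of the four roles, least to most privileged.
ROLE_RANK = {"Viewer": 0, "Member": 1, "Admin": 2, "Owner": 3}

# Illustrative action catalogue (assumption) with the minimum role each action requires.
# Destructive actions map to Admin, so Owner or Admin may perform or approve them.
MIN_ROLE_FOR_ACTION = {
    "view_server": "Viewer",
    "restart_service": "Member",
    "deploy_site": "Member",
    "delete_site": "Admin",
    "delete_server": "Admin",
}
READ_ONLY_ACTIONS = {"view_server"}


def role_allows(role: str, action: str) -> bool:
    """Does the role meet the permission level the action requires? Unknown roles or actions are denied."""
    if role not in ROLE_RANK or action not in MIN_ROLE_FOR_ACTION:
        return False
    return ROLE_RANK[role] >= ROLE_RANK[MIN_ROLE_FOR_ACTION[action]]


@dataclass
class AIActionRequest:
    action: str
    server: str
    production: bool  # whether the target server is a production server


@dataclass
class Decision:
    allowed: bool
    reason: str


def gate_ai_action(
    req: AIActionRequest,
    approver_role: Optional[str],
    production_protection: bool = True,
) -> Decision:
    """Approval gate for an AI-proposed action.

    Checks, in order: read-only actions pass; Production Protection blocks production
    servers outright; a write action needs an explicit human approver; the approver's
    role must itself be allowed to perform the action.
    """
    if req.action in READ_ONLY_ACTIONS:
        return Decision(True, "read-only action, no approval required")
    if production_protection and req.production:
        return Decision(False, f"Production Protection blocks {req.action} on {req.server}")
    if approver_role is None:
        return Decision(False, "write action has no explicit human approval")
    if not role_allows(approver_role, req.action):
        return Decision(False, f"{approver_role} cannot approve {req.action}")
    return Decision(True, f"{req.action} on {req.server} approved by {approver_role}")


if __name__ == "__main__":
    # Constructed requests for demonstration.
    deploy = AIActionRequest("deploy_site", "web-1", production=False)
    wipe = AIActionRequest("delete_server", "web-1", production=False)
    prod_deploy = AIActionRequest("deploy_site", "web-prod-1", production=True)
    for req, role in [(deploy, None), (deploy, "Member"), (wipe, "Member"), (wipe, "Admin"), (prod_deploy, "Owner")]:
        print(req.action, role, "->", gate_ai_action(req, role))
```

Deny is the default at every step: an unknown role or action never passes `role_allows`, an absent approver blocks every write, and Production Protection is evaluated before the approver's role so that even an Owner's approval does not reach a protected server while the control is on.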
What CloudAIPilot does not see
- Database contents — the platform does not have access to your application databases.
- File contents — the platform cannot read arbitrary files on your servers unless you explicitly enable File Access for AI Pilot.
- Environment variable values — stored encrypted; not visible to platform staff or the AI.
- SSH private keys — generated and stored encrypted; used programmatically but never exposed in the UI.
Your responsibilities
CloudAIPilot secures the platform and the control channel. As the operator, you are responsible for:
- Keeping your cloud provider IAM permissions scoped correctly.
- Inviting team members with the appropriate role (not giving everyone Owner access).
- Configuring Production Protection and per-server AI access controls appropriately.
- Monitoring for unexpected activity via the audit log.