Security and governance
NADIR serves high-accountability environments where ADAS events can become litigation, claims, or compliance artifacts. Control surfaces are designed for provable lineage, strict tenant boundaries, and policy-governed external data sharing.
Data boundaries are enforced at organization and role scope across ingestion, processing, and output layers.
Every intervention is linked to immutable event lineage from detection through workflow closure.
Console and onboarding authenticate through Clerk (SOC 2 Type II) with a NADIR org tenancy layer. Passwords for pilot demos may still use legacy local auth when Clerk is disabled — production enables Clerk SSO only.
organization_id with sandbox API keys per tenant.api/auth/CLERK_SETUP.md.Dynamic risk outputs are generated using aggregation safeguards that prevent raw tenant exposure.
Representative controls by platform layer.
| Layer | Control | Assurance outcome |
|---|---|---|
| Console auth | Clerk SSO + org JWT exchange | Enterprise identity without shared passwords |
| Object storage | Org-scoped upload ACL | Tenant-safe file attachments |
| Ingestion gateway | Signed webhook validation | Trusted provider source integrity |
| Inference services | Versioned and reproducible scoring pipeline | Defensible risk decision lineage |
| Evidence graph | Immutable timeline persistence | Litigation-ready traceability |
| Risk API layer | Aggregation and redaction policy checks | Tenant-safe external distribution |