TrustAI is built on Knox Blockchain — a 13-layer security and compliance architecture aligned with NIST SP 800-53, HIPAA, FedRAMP, SOC 2, and OMB Circular A-123. Trust, estate, and fiduciary disputes involve protected health information, financial records, and minor children — TrustAI treats every byte accordingly.
Operator: Bonis Systems LLC | UEI: R2BPJDC5CBA3 | USPTO Patent Pending #64/036,498

| # | Layer | Status |
|---|---|---|
| 1 | DDoS Protection (50 req/10s sustained, 20/2s burst) | Active |
| 2 | Bot & Scanner Detection (16 signatures) | Active |
| 3 | Payload Inspection (XSS, SQLi, traversal, injection) | Active |
| 4 | Honeypot Traps (15 decoy paths) | Active |
| 5 | Brute Force Prevention (lockout at 5 attempts) | Active |
| 6 | IP Threat Scoring & Auto-Block (score 80+) | Active |
| 7 | Content Security Policy (CSP) | Active |
| 8 | HSTS + Security Headers | Active |
| 9 | Request Fingerprinting (SHA-256) | Active |
| 10 | Knox Blockchain Audit Trail (immutable) | Active |
| 11 | AES-256-GCM Encryption at Rest | Active |
| 12 | TLS 1.3 Transport Security | Active |
| 13 | Permissions-Policy (camera, mic, geo, payment disabled) | Active |
TrustAI's PII scrubber automatically detects and redacts the 18 HIPAA Safe Harbor identifiers plus legal/financial data before any AI inference, log write, or external transmission:
| Identifier | Detection | Treatment |
|---|---|---|
| Social Security Number | Regex (validated) | Redacted |
| Employer ID Number | Regex | Redacted |
| Bank account / routing | Pattern + context | Redacted |
| Medical Record Number | Pattern + context | Redacted |
| Date of birth | Regex | Redacted |
| Phone, email, ZIP, IP | Regex | Redacted |
| Driver license | Regex | Redacted |
| Credit card | Luhn + regex | Redacted |
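
The "Regex (validated)" and "Luhn + regex" rows above, as an added example that is not TrustAI's own code: a match is redacted only if it also passes a structural check, so look-alike numbers are left intact. The patterns, the SSN validation rules (SSA issuance constraints), the placeholder tokens and the sample text are assumptions made for illustration.

```python
import re

# Assumed patterns and placeholder tokens; the page does not publish its own.
SSN_RE = re.compile(r"\b(\d{3})-(\d{2})-(\d{4})\b")
CARD_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")


def ssn_is_valid(area: str, group: str, serial: str) -> bool:
    """SSA issuance rules: area is never 000, 666 or 9xx; no all-zero field."""
    if area in ("000", "666") or area.startswith("9"):
        return False
    return group != "00" and serial != "0000"


def luhn_ok(digits: str) -> bool:
    """Luhn checksum: double every second digit from the right, sum mod 10."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def scrub(text: str) -> str:
    """Redact SSNs and card numbers that pass validation; leave look-alikes."""
    def _ssn(m):
        return "[REDACTED-SSN]" if ssn_is_valid(*m.groups()) else m.group(0)

    def _card(m):
        digits = re.sub(r"[ -]", "", m.group(0))
        return "[REDACTED-CARD]" if luhn_ok(digits) else m.group(0)

    # SSNs first, then cards, so each pattern sees unmodified digits.
    return CARD_RE.sub(_card, SSN_RE.sub(_ssn, text))


# Constructed sample input (test values, not real identifiers).
SAMPLE = (
    "Beneficiary SSN 123-45-6789, card 4111 1111 1111 1111. "
    "Case ref 000-12-3456, invoice 1234 5678 9012 3456."
)

if __name__ == "__main__":
    print(scrub(SAMPLE))
```

The case reference and invoice number match the regexes but fail validation, which is the false-positive reduction the validated rows imply.
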
| Family | Description | Status |
|---|---|---|
| AC | Access Control (RBAC, session management) | Implemented |
| AU | Audit & Accountability (immutable Knox ledger) | Implemented |
| IA | Identification & Authentication (bcrypt 12 rounds) | Implemented |
| SC | System & Communications Protection (TLS 1.3, AES-256) | Implemented |
| SI | System & Information Integrity (payload inspection, PII scrub) | Implemented |
| IR | Incident Response (Knox dashboard, threat log) | Implemented |
| CM | Configuration Management (Cloud Run revisions) | Implemented |

While trust documents are not Protected Health Information per se, they routinely contain medical history, capacity assessments, and evidence for HEMS (health, education, maintenance, and support) distributions. TrustAI applies HIPAA Security Rule administrative, physical, and technical safeguards to all case data. A signed Business Associate Agreement (BAA) is available for any engagement with a covered entity (see the BAA template).

| Framework | Status |
|---|---|
| FedRAMP Moderate (target) | Readiness Assessment in Progress |
| SOC 2 Type II | Self-Assessment Complete; Formal Audit Pending |
| FISMA Continuous Monitoring | Active (Knox Dashboard) |
| OMB Circular A-123 | Compliant (immutable audit trail) |
| Federal Records Act | Compliant (blockchain retention) |
| Section 508 Accessibility | Audit Scheduled |

TrustAI runs on Google Cloud Run (us-central1), on a FedRAMP High authorized cloud platform. Data is encrypted at rest with Google-managed AES-256-GCM, and transport uses TLS 1.3 with HSTS preload. Infrastructure controls are inherited from GCP.
For federal auditors and procurement officers: /api/knox/compliance returns a JSON attestation of platform compliance posture, security controls, and Knox Blockchain configuration.