Chapter 7: The Architecture of Sovereign EAI Implementations

Show Notes

Public and private enterprises must establish secure, sovereign ways to harness AI without compromising privacy, security, or national control. Explore how a hybrid approach enables nations and organizations to responsibly unlock the next wave of AI innovation. 

Transcript

SPEAKER_00 0:00

Chapter 7. The Architecture of Sovereign EAI Implementations As described in earlier chapters, 90% of the world's data is locked behind firewalls, residing in private, proprietary, or sensitive environments. Only 10% is publicly accessible, and it is this minority that has largely powered the first wave of generative AI, Gen AI. To unlock the full potential of Gen AI, agentic AI, and ultimately artificial general intelligence, AGI, public and private sector enterprises must develop secure, sovereign mechanisms to access and utilize the 90% without compromising privacy, security, or national control. In this chapter, we'll show you how you can do this using a hybrid approach that integrates sovereign data and EAI on an EIM platform. New risks, such as foreign administrations being empowered to push the kill switch, have raised concerns at global organizations. In today's digital economy, data is the most foundational asset. It fuels innovation, drives productivity, and underpins national security. As AI transforms every sector and geopolitical considerations rapidly evolve, it's more critical than ever for leaders to safeguard the privacy and protection of their data, infrastructure, and AI capabilities. This challenge extends from the enterprise to the national level, where it is imperative that countries develop sovereign plans for AI leadership. A country's ability to lead in the AI era depends on its ability to control and harness its most valuable digital resource, data. Without full control, countries risk having their digital infrastructure annexed, either technically or legally, by foreign jurisdictions. This is not just a matter of innovation, it is a matter of national security. IT leaders increasingly regard sovereignty over both infrastructure and data as a strategic imperative. In a world of geopolitical tension, trade restrictions, and rapidly evolving regulatory frameworks, dependency on distant or politically constrained providers has become a material business risk. Forward-looking organizations aren't just meeting compliance obligations, they're adopting resilient, jurisdiction-aware architectures that can withstand disruption, maintain legal certainty, and preserve operational continuity under any circumstance. Digital Sovereignty Definitions Increasingly, discussions globally on data and AI have focused on the importance of digital sovereignty. This refers to the ability of a nation or organization to maintain control over its digital assets, data, systems, and operations, ensuring independence from external influence and compliance with domestic regulations. Depending on the sensitivity of the data, achieving digital sovereignty may require one or more of the following elements. Data sovereignty. Ensuring that data is stored, processed, and managed within a specific jurisdiction, with strict controls to prevent access or transfer to foreign entities or under foreign laws. Operational sovereignty. Ensuring that operations are situated in a specific jurisdiction and that personnel managing digital assets are citizens of that jurisdiction with appropriate security clearances. Technological sovereignty, maintaining control over infrastructure, including physical data center security, access rights, and management of hardware, software, and encryption keys. This includes sovereignty of the control plane, a set of services critical for integrating applications with underlying infrastructure, legal sovereignty, ensuring that technology vendors and cloud service providers are governed exclusively by a specific jurisdiction's law. A balanced hybrid approach. To compete in the AI era, nations must leverage the immense scale, innovation, and flexibility of global public cloud services. This necessity, however, creates a fundamental tension with the security imperative to maintain sovereign control. A hybrid model is the essential solution to this challenge. This approach balances both requirements by acknowledging that not all data requires the same level of protection. Sensitive sovereign data is protected on secure platforms and a domestically owned and operated infrastructure layer, while public data sets and citizen-facing services can utilize global hyperscalers to achieve the necessary scale. Discover how a global leader in technology and services leveraged a hybrid approach of data and AI with Gen AI to analyze historical cases involving millions of documents and thousands of terabytes. Case study A Global Tech Leader. A global leader in technology and services shapes universal trends in automation, electrification, digitalization, and connectivity. Its strong industrial presence drives innovation to improve processes, including optimizing legal operations. As a global enterprise, legal challenges are an inevitable part of operating at scale, but lengthy internal investigations and unwieldy early case assessments were hampering their ability to define next steps in diverting the company from innovating and creating value. Inefficient processes led to increased costs and risk, given the absence of technology to support case knowledge and control early in the process. The company sought a technology solution to help them make better and faster decisions by quickly processing and analyzing large amounts of internal data and help shape how the legal case proceeded. The company adopted a hybrid approach. Their legal team used it with Gen AI to crunch vast data sets in the case assessment phase. They then used a large language model to ask the relevant questions and get answers within minutes to determine their case strategy. The global company was able to transform their legal workflows, enabling faster data-driven decisions and proactive investigations. Through AI integration and training, its legal teams were able to deliver superior service. Architecture for Sovereignty. The architectural framework featured on page 119 provides a high-level view of the critical components for enabling the sovereign data and AI capabilities on an EIM platform for both the public and private sectors. This framework ensures that secure services are delivered to customers in an efficient manner, protecting their critical data. Key aspects of this architecture include dual data architecture. Sensitive data is protected within a sovereign layer, while publicly available data is processed in a hybrid cloud environment, i.e., an environment that integrates public and private cloud. Multi-agent AI model. Private AI agents operate within the sovereign stack while public AI agents deliver services via hybrid cloud, ensuring secure boundaries and data integrity. Extensibility, designed to incorporate additional data sets, data security and governance, adhering to policy and controls around protection and use of data. Core principles trust, security, national control, and resilience. What follows is a breakdown of the above architecture. The infrastructure and network layer. Sensitive data is hosted within infrastructure operated by trusted telecommunications and data center providers. These environments are engineered to meet the most stringent security and sovereignty requirements, employing zero trust protocols, security frameworks that verify every connection, device, and user continuously rather than assuming any element is safe and air-gapped configurations in which critical systems are physically or logically isolated from public networks to prevent unauthorized access or data leakage. Deployments remain within defined national or regional borders, with operations managed exclusively by security-cleared personnel to ensure compliance with all applicable laws, regulations, and defense grade standards. For data and workloads that do not require full sovereignty, such as publicly available data sets or citizen and customer-facing digital experiences, the framework incorporates global hyperscalers. These platforms provide the skill, flexibility, and advanced tooling needed to support innovation, responsiveness, and cost efficiency, while operating under strict governance boundaries that prevent sovereign data exposure. Across both zones, the architecture is unified by a common technology stack integrating capabilities in the areas of data and information management, AI models, and AI applications. The operational technology layer. The operational technology layer is critical for enabling the deployment of data, AI models, platforms, applications, and AI services. It provides the bridge between infrastructure, network, and applications. In a multi-cloud and hybrid world, standardization at the operational layer is essential. Adopting open protocols and interoperable frameworks allows organizations to maintain portability of workloads. The ability to move applications and data seamlessly between on-premises, private, and sovereign clouds without refactoring or security trade-offs. This is particularly critical for AI workloads where compute intensity, data gravity, and regulatory constraints demand both flexibility and control. Operational technology governance also extends to monitoring, observability, and automation. Unified control planes and orchestration tools enforce consistent configurations, patch management, and compliance verification in real time. In this sense, the operational layer ensures that every AI deployment, from model training to inference, runs within trusted boundaries, adheres to defined jurisdictions, and scales with confidence. The data layer. As the foundation for EAI, the data layer must support the needs of both the public and private sectors. It enables secure, intelligent, and scalable data management across government and public sectors with the extensibility to support private sector needs. The architecture requires support for both explicit and implicit data hierarchies. Explicit structures include folder hierarchies, taxonomies, schemas, version control, and audit logs. Implicit structures include metadata fields, semantic relationships, ontologies, tags, and usage-based clustering. These are woven together using metadata driven orchestration and semantic engines, enabling AI systems to reason across both structured and unstructured data. Agentic use cases. Agents will drive productivity and efficiency gains while delivering better customer service and business outcomes. Some sample agenc use cases include health care, personalized health navigation, benefits eligibility, and virtual triage, housing, application processing, permitting, eligibility screening, and subsidy management, banking, proactive fraud detection, personalized financial guidance, and automated loan processing, transportation, dynamic route optimization, autonomous fleet management, and predictive maintenance, taxation, audit flagging, fraud detection, and support for completing tax filings. In the following case study, find out how DNB Finans is using AI and data to streamline the administration of car fleets, detect fraud, and improve satisfaction for their leased car customers. Case study DNB Finance DNB Bank Group in Norway is Scandinavia's second largest bank, employing 13,430 people and managing total assets worth 250 billion euros, 273 billion dollars US. Its subsidiary, DB Finans, is one of the largest finance companies in the Nordic region. In the private sector, the organization has a dominant position in the car financing market with more than 300,000 finance vehicles in its portfolio. DNB Penance is always looking for new ways to add value for its customers. The most valued services it can offer are those that help businesses control costs by providing greater visibility on their spending. To this end, the Auto Lease Division of DB Phenons wanted to deepen the BI it provided its clients. For example, the system could provide up-to-date statistics to help customers keep track of all car-related costs, including information about fuel use, COT emissions, leasing costs, damage reports, and fraud alerts. At the same time, the company needed to establish customized cost center structures so that clients would be able to monitor activity by business unit. It was important to D ⁇ B Phenons that the software would be easy to use without training. The goal was to achieve a user experience that was similar to consumer social networks, like Facebook. The company rolled out a business intelligence and reporting solution to be used by more than 30,000 leased car customers. The solution is highly intuitive, featuring colorful visual representations of data, including dashboards for users and logical controls for fraud detection and easy administration of car fleets. Since the deployment, DMB Phenons has seen customer satisfaction levels rise from 4.4 to 5.1 on a scale of 1 to 6 for quality of reporting solution. The system has also drawn an additional 31% in user logins. Increasing activity on the car financing system, DMB Phenons anticipates a return on investment within a short 2.5 years. Its customers now have early visibility into issues like excessive mileage or fuel-related fraud and are able to pinpoint the business units responsible, enhancing their ability to act and increasing their loyalty through valuable business information. This solution gives the company a significant competitive differentiator in a crowded marketplace. Dual data architecture. The diagram featured on page 124 presents a detailed architecture for a secure, dual-zoned data and AI platform, distinguishing between the environments for the non-sovereign or public zone and the sovereign or private zone. The purpose of this architecture is to ensure that sensitive enterprise and government data and operations are segregated from public or less sensitive domains while still enabling controlled interactions where necessary in the public domain. It addresses the need for secure data in AI while providing flexibility to drive efficiency and cost-effective deployments, enabling improved customer experiences. Let's break it down. The non-sovereign public zone. In a dual sovereign data and AI architecture, the public zone serves as the controlled interface between open knowledge and enterprise intelligence. It enables organizations to leverage non-sensitive, publicly available data and AI services without compromising internal sovereignty or compliance obligations. By isolating public interactions through secure gateways and sanitization protocols, the public zone allows innovation and external connectivity to thrive within clearly defined governed boundaries. This zone is composed of non-sensitive and public AI agents. This feature includes interfaces like large language model, LLM, APIs that do not use sensitive data. The public agent API layer offers endpoints for accessing data with measures to control usage, secure sessions, and store session data. Non-sovereign public data sources. Here, the system accesses non-sensitive and public databases, published regulations, and service guides. It also uses public knowledge bases to improve the accuracy and relevance of the information it provides. Security Controls. Security measures include sanitization of personally identifiable information using named entity recognition models to strip sensitive information such as date of birth before any gateway validation. The sovereign private zone. The sovereign or private zone is the intelligence core of a dual sovereign data and AI architecture, where sensitive, mission-critical operations take place under full organizational control. Designed for regulated and high assurance environments, this zone governs the use of private agents, confidential data sources, and secure compute infrastructure. Every process, from model training to inference, is executed within a zero trust, air gapped framework, ensuring that national, corporate, or institutional data remains fully sovereign, compliant, and auditable. This zone is made up of private agents. This capability is reserved for enterprise public sector or private sector users and agents that are accessing sensitive data. It features an agentic platform capable of air gapped deployment. The private agent API layer here is internal only with zero trust security. Sovereign data sources. This includes protected databases that contain sensitive information, including HR or finance data, as well as sensitive departmental records. The Retrieval Augmented Generation RAG pipeline in this context uses protected knowledge sources, including legal precedents, to produce accurate AI results. RAG is essential in enterprise AI because it gives models governed access to relevant knowledge at runtime rather than relying solely on what they were trained on. Early implementations, often called naive RAG, simply retrieved chunks of text and inserted them into prompts, which could be imprecise and prone to hallucination when context did not fully align. Graph-based RAG RAG represents the next evolution. It structures enterprise knowledge as relationships and entities, enabling the model to retrieve not just documents but the right contextual meaning. As a result, Graph RAG significantly improves precision, traceability, and trust, reducing the need for oversized prompts and brittle context stuffing. Today, enterprises have three primary methods for providing context to AI models. Large and well-crafted prompts within expanded context windows, RAG, graph RAG retrieval pipelines, and model tuning, including fine tuning and embedding optimization. The future of enterprise AI lies in orchestrating these intelligently, shifting from manual prompt engineering towards governed, structured, and scalable context pipelines that enable AI systems to reason with enterprise knowledge securely and reliably. Processing infrastructure provides the accelerated compute capacity for secure workloads. This includes an immutable audit trail database for compliance oversight and optional fine-tuning of LLM models. Shared components and security measures. Between these zones lies an API gateway enforcing strict authentication, authorization, protocols, including identity verification via Access Control Federation and Multifactor Authentification, MFA. Data classification mechanisms auto-tag content by sensitivity level. Data loss prevention tools block sensitive data leakage across boundaries. A query router directs requests to the appropriate zone based on classification level. Only declassified for public responses are allowed back into the non-sovereign domain after protected data removal, the infrastructure and network layer. Both zones leverage robust infrastructure and network layers, ensuring physical and or logical separation where required. Sovereign data is not a new concept, a history of private sector use cases. Private sector use cases across regulated and unregulated industries can help to frame and shape this sovereign architecture. Protecting private and sensitive data has been a necessity for decades, and strong information management has been critical to enabling it. The following feature about Transport Canada demonstrates how effective information management brings secure content to the fingertips of people and integrates critical content with business processes. Case study Transport Canada Transport Canada's mission is to serve the public interest through the promotion of a safe, secure, efficient, and environmentally responsible transportation system in Canada. This requires effective information management to facilitate timely and informed decision making among an extensive list of portfolio partners that include 15 crown corporations, 17 port authorities, and 21 airport authorities, as well as other shared governance organizations. Concerned about the dissemination of information through electronic means, privacy assurances, corporate memory loss due to employee turnover, and the need for real time access to information to satisfy requests and litigation concerns, the government. Of Canada, GC, championed an e-government solution based on records, documents, and information management. Transport Canada was the first Canadian government department to complete an e-government deployment, with more than 4 million records in a single library and 5,200 users to date at more than 117 sites. The largest single library deployment in the Canadian public sector. Working as an integrated set of tools that facilitates the full use of electronic documentation, from capture and storage to organization, retrieval, sharing, reuse, protection, and disposal of information, the solution has become a mission-critical application for Transport Canada's managers and staff. It has helped the organization ensure the accuracy of its corporate records, unite a geographically dispersed and mobile workforce, meet legal obligations, including e-discovery requirements, improve productivity, and align information management with the Government Online GOL initiative. Using this system, Transport Canada has tripled productivity savings up to$4.6 million and expects further growth, staying on target to meet its annual cost avoidance savings estimate. As a result, the system paid for itself in just 1.17 years. As cloud adoption has increased over the last several years, most enterprises are often in a hybrid model of deployment across on-premises, data centers, and public cloud environments. It is only natural as AI adoption increases that these proven deployment models evolve to support a hybrid model for AI. Bundes Resinzentrum, BRZ, in Austria opted for a hybrid approach, leveraging a cloud-based information management system to consolidate and govern sensitive data across 12 government customers, 40 government applications, more than 10 ERP systems and mailing systems. Case study Bundes Resinzentrum, BRZ. The Federal Computing Center, BRZ, is the IT service provider of the Austrian public administration. With 1,200 employees and a total annual turnover of 265.3 million euro, the BRZ successfully develops and provides e-government services for ministries, universities, social security providers, and public organizations. The BRZ deploys 320 IT processes, equips 1,200 locations throughout Austria with infrastructure, and services about 30,000 workplaces. In 2000, the land and commercial registers of the Austrian Ministry of Justice were a typical example of process fragmentation. While the land registry data had been managed digitally since the 1980s, the original documents remained in the physical archives of courthouses and were inaccessible within processes. Moreover, the Ministry of Justice incurred the huge costs of archive maintenance and the risk of losing original documents. BRZ decided to address the issue by implementing an enterprise content management ECM solution. As the pilot study for the land registry was implemented, BRZ received more requests from administrations to manage documents electronically and integrate processes. In response, BRZ built a scalable ECM infrastructure called the eGov Archive Service, the first ever Austrian private ECM cloud service. The solution provided a robust platform for 12 government customers, 40 government applications, more than 10 ERP systems and mailing systems. The eGov Archive Service manages 45 terabytes TB of data or 400 million objects, serves approximately 1 million transactions per day, and is accessed by 30,000 users, tax auditors, judges, police, customs officials, HR staff, and accountants, and potentially every Austrian citizen. Services include everything from managing, accessing, routing, and searching to legally compliant archiving of all kinds of documents, as well as tight integration with line of business and enterprise resource planning, ERP systems, for a comprehensive cloud solution. Foundation for Agentic AI. Unlocking the world's private data is the central challenge for the next wave of artificial intelligence. This chapter has provided the architectural blueprint to do so securely. The solution is a hybrid dual zone model that establishes a secure private zone for sensitive assets and a public zone for other workloads. This model creates a secure environment where private AI agents can analyze and act on protected enterprise or government data without risk of leakage, while public AI agents handle non-sovereign tasks, balancing control with scale and competitiveness. This architecture is the essential foundation for activating advanced AI, providing the trust and control needed for widespread deployment of agentic AI, the subject of our next chapter. The FAST 5 Download. 1. Mandate sovereign data control. Prioritize and enforce full control over national and organizational data and digital infrastructure. Establish policies and technical measures to prevent external influence, ensure data residency, and maintain compliance with domestic regulations. 2. Implement a dual zone hybrid AI architecture. Separate sensitive data and workloads onto secure, domestically operated infrastructure, leverage public cloud platforms only for non-sensitive, scalable applications to balance innovation with security. 3. Deploy multi-agent AI models strategically. Activate private AI agents within protected zones to analyze and act on sensitive data. Use public AI agents for non-sovereign tasks, enabling organizations to scale AI innovation without compromising protected assets. 4. Enforce rigorous governance and security. Apply strict authentication, advanced data classification, and robust data loss prevention tools. Ensure all critical activities are logged with immutable audit trails and operate under zero trust protocols for maximum oversight and resilience. Five, accelerate adoption of proven hybrid architectures. Adopt best practices from regulated sectors that have successfully managed hybrid environments. Invest in the secure integration of private and public cloud infrastructure to unlock and leverage the 90% of private data critical for next generation AI.