Architecture

8-Layer Architecture

The reference architecture AIOP is built on — identity at the perimeter, evidence at the audit boundary.

What it is

Eight distinct layers, each with a single responsibility: Identity verifies who's asking. Policy decides what's permitted. Orchestrator routes requests model-agnostically. Agent Space executes in isolation. Tool Surface provides controlled capabilities. Model Layer talks to AI providers. Data Plane enforces record-level access. Evidence captures everything for audit. Each layer has clear contracts, defined boundaries, and independent audit trails. No layer can bypass another — the architecture enforces the control chain.

8-layer architectureHover for details
Eight-layer architecture01Clients02Enterprise Identity03Enterprise Data04Platform Core05Agentic Automation06API Layer07Micro Services08SDK & DevelopmentREQUEST
Layer 01

Clients

Portal · API · Desktop · Mobile

Each layer is its own responsibility with its own SLO and audit surface.

Eight layers · one request flows from client to SDK

Why it matters

Separation of concerns isn't academic — it's what makes the architecture auditable and adaptable. When Identity is separate from Policy, you can change authentication providers without rewriting authorization rules. When Tool Surface is separate from Model Layer, you can swap AI vendors without changing what your agents can do. This modularity is what regulators look for: clear boundaries they can verify independently. Eight layers is the minimum that survives regulatory scrutiny — we tested with more, they collapsed into these.

Where it lives in AIOP

Every AIOP deployment implements all eight layers, regardless of deployment mode. Managed cloud, dedicated, air-gapped — the architecture stays constant, only the hosting environment changes. The Three Primitives operate across these layers: Correlate threads signals through them, Contain enforces boundaries between them, Attest signs decisions at each layer. Together, the eight layers and three primitives form the complete AIOP platform contract.

Business Value

Future-proof your AI infrastructure by decoupling components.

  • Swap vendors, upgrade capabilities, or change policies without full system rewrites — reducing modernization cost and risk.
  • Pass audits faster with clear architectural boundaries that map directly to regulatory requirements.
  • Scale confidently knowing each layer is independently verifiable.
Value for Teams
Architects

Gain a reference model that's proven under audit.

Platform teams

Modify individual layers without cascading changes.

Security officers

Audit each layer independently instead of the entire stack.

CIOs

Explain the system to boards and regulators with a clear, defensible architecture diagram.