Security Model
This page separates ARQEN's current demo/local security boundary from the production controls required before live regulated operation. It is not a production security claim.
Current pilot boundary
ARQEN currently operates as a demo/local pilot-ready Quality Operating System prototype. Production writes, production auth, tenant isolation, controlled evidence storage, immutable audit, e-signature, certified reporting, final controlled-copy release, and durable cross-module links remain blocked.
Production go/no-go gates
Future production access and production write routes must fail closed until the required gates are implemented and verified.
Blocked API guard contracts
The read-only guard endpoints return structured blocked responses for future production-bound route shapes. They document missing gates; they do not authenticate users, isolate tenants, authorize server-side roles, approve launch, mutate records, accept controlled files, persist audit events, or enable production operation.
/api/production-write/guardFails closed until production auth, tenant scope, server authorization, and persistence are verified.
Does not mutate records or enable production writes.
/api/production-access/guardFails closed until verified actor identity, tenant membership, role policy, and permission policy exist.
Does not authenticate users, isolate tenants, or authorize server roles.
/api/production-access/session/statusStays blocked until production session prerequisites exist without creating or trusting a production session.
Does not create, refresh, revoke, or validate production sessions.
/api/production-reporting/statusStays blocked until durable data, report templates, signature policy, and review evidence are implemented.
Does not generate, sign, certify, or export regulated reports.
/api/production-continuity/statusStays blocked until backup/restore evidence, monitoring, and launch validation exist.
Does not certify backup, recovery, environment validation, or launch approval.
/api/production-source-links/statusStays blocked until source-link writes, revision history, integrity checks, and exports are durable.
Does not create, update, delete, export, or certify source-link records.
/api/production-audit/statusStays blocked until audit-event persistence, retention, integrity, and export controls are implemented.
Does not persist audit events or create immutable audit proof.
/api/production-persistence/statusStays blocked until database configuration, migrations, repositories, and backups are verified.
Does not persist records, apply migrations, or enable production repositories.
/api/production-signature/statusStays blocked until signer identity, intent capture, record binding, and audit persistence exist.
Does not capture signatures or create signature records.
/api/production-release/go-no-goFails closed until all production readiness gates are complete and independently reviewed.
Does not approve launch or regulated operation.
/api/production-release/controlled-copy/statusStays blocked until release approval, revision control, distribution, and signature controls exist.
Does not approve releases, distribute controlled copies, or capture release signatures.
/api/controlled-evidence/statusStays blocked until storage, access control, retention, checksum, malware-scan, and audit rules exist.
Does not accept, store, export, or delete controlled files.
SOC 2 readiness path
ARQEN must collect operating evidence and complete independent auditor review before any SOC 2 report or certification language appears in public or customer-facing material. The readiness path is organized around Security, Availability, Processing Integrity, Confidentiality, and Privacy trust categories, but no SOC 2 report is claimed here.
Enterprise trust model
Public contact forms are for inquiry context only. Live production quality records require separate agreements and production controls.
Future controlled evidence and export workflows require audit-event persistence, retention rules, access control, and inclusion rules before production use.
Current pilot/demo surfaces show traceable review history and local source-basis context. Tamper-evident or immutable-audit claims require durable audit-event storage and verification gates first.
AI assistance is advisory. ARQEN does not treat generated text as compliance truth or autonomous approval authority.
Security reports should go to security@arqen-ai.com without including controlled production evidence unless a secure channel has been established.