Secure AI for Defense and National Security

Defense organizations and national security agencies face unique AI governance requirements — export controls, entity list screening, classification boundaries, and zero-trust network architectures. Keeptrusts provides purpose-built policy controls for these environments, deployable in air-gapped networks with no external dependencies.

Use this page when

  • You need AI governance controls for defense, intelligence, or national security workloads subject to export controls.
  • You are deploying in an air-gapped or classified network and need a gateway with zero external dependencies.
  • You need to screen AI requests against ITAR/EAR categories, entity lists, or CJIS requirements.

Primary audience

  • Primary: Technical Leaders
  • Secondary: Technical Engineers, AI Agents

What you'll achieve

  • ITAR/EAR filtering that detects and blocks export-controlled content in AI requests
  • CJIS-mode enforcement for law enforcement and criminal justice workloads
  • Entity list screening against restricted and sanctioned entities
  • Dual-use detection for sensitive capability discussions
  • Data routing controls that ensure traffic stays within approved networks
  • Air-gapped deployment with no internet connectivity required

ITAR/EAR filter: prevent export-controlled content

The itar-ear-filter policy detects discussions of export-controlled technologies, munitions, and defense articles in AI requests.

```yaml
policies:
  chain:
    - itar-ear-filter
    - pii-detector
    - audit-logger

policy:
  itar-ear-filter:
    categories:
      - usml_categories
      - ccl_categories
      - ear99
    action: block
    log_matches: true
    sensitivity: high
```

What it catches

| Category | Coverage |
|---|---|
| USML (US Munitions List) | Defense articles, services, and technical data under ITAR |
| CCL (Commerce Control List) | Dual-use items under EAR |
| EAR99 | Low-control commercial items that still require basic screening |

When the filter detects export-controlled content, the request is blocked before reaching any LLM provider, and the event is logged with the specific ITAR/EAR category match.


Entity list screening

The entity-list-filter screens AI requests for references to sanctioned, restricted, or watch-listed entities.

```yaml
policies:
  chain:
    - entity-list-filter
    - itar-ear-filter
    - audit-logger

policy:
  entity-list-filter:
    lists:
      - sdn_list
      - entity_list
      - denied_persons
      - unverified_list
    action: block
    fuzzy_match: true
    log_matches: true
```

Supported lists

| List | Source |
|---|---|
| SDN (Specially Designated Nationals) | OFAC |
| Entity List | BIS |
| Denied Persons List | BIS |
| Unverified List | BIS |

The filter supports fuzzy matching to catch name variations, transliterations, and aliases.


CJIS mode: criminal justice compliance

The cjis-mode policy enforces CJIS Security Policy requirements for law enforcement and criminal justice AI workloads.

```yaml
policies:
  chain:
    - cjis-mode
    - pii-detector
    - case-privacy
    - audit-logger

policy:
  cjis-mode:
    enforce_encryption: true
    require_auth: true
    audit_all_access: true
    session_timeout_minutes: 30
  pii-detector:
    action: redact
    categories:
      - ssn
      - drivers_license
      - fingerprint_id
  case-privacy:
    action: redact
    protect_case_numbers: true
    protect_witness_info: true
```

CJIS mode enforces:

  • All data encrypted in transit and at rest
  • Authentication required for every request
  • Complete audit trail of all access
  • Session timeouts per CJIS policy
  • Case information and witness data protection

Dual-use detection

The dual-use-filter detects discussions about technologies with both civilian and military applications.

```yaml
policies:
  chain:
    - dual-use-filter
    - itar-ear-filter
    - entity-list-filter
    - audit-logger

policy:
  dual-use-filter:
    categories:
      - nuclear_technology
      - chemical_biological
      - missile_technology
      - advanced_materials
      - surveillance_technology
      - cryptography
    action: escalate
    sensitivity: high
```

Dual-use content is escalated for human review rather than auto-blocked, since the same technology may be discussed in legitimate civilian contexts.


Data routing: keep traffic on-network

For classified and controlled-unclassified-information (CUI) workloads, ensure AI traffic never leaves approved networks:

```yaml
providers:
  targets:
    - id: on-premise-llm
      provider: ollama
      model: llama3.1
      base_url: http://llm-server.mil.local:11434
    - id: govcloud-openai
      provider: azure-openai
      model: gpt-4o
      base_url: https://my-resource.openai.azure.us
      secret_key_ref:
        env: AZURE_GOVCLOUD_KEY
policy:
  data-routing-policy:
    require_zero_data_retention: true
    require_no_training: true
    on_no_compliant_provider: block
    log_provider_selection: true
pack:
  name: defense-industrial-ai-example-5
  version: 1.0.0
  enabled: true
policies:
  chain:
    - data-routing-policy
```

Air-gapped deployment

Deploy the entire Keeptrusts stack in an air-gapped environment with no internet connectivity:

```bash
# Pre-load container images on the target machine
docker load -i keeptrusts-api.tar
docker load -i keeptrusts-console.tar
docker load -i keeptrusts-gateway.tar
docker load -i postgres.tar

# Start the stack
docker compose up -d
```

Connecting to local LLM providers

In air-gapped environments, route to on-premises model servers:

```yaml
pack:
  name: defense-industrial-ai-providers-6
  version: 1.0.0
  enabled: true
providers:
  targets:
    - id: local-ollama
      provider: ollama
      model: llama3.1
      base_url: http://llm-server.local:11434
    - id: local-vllm
      provider: vllm
      model: mistral-7b
      base_url: http://vllm-server.local:8000
policies:
  chain:
    - audit-logger
policy:
  audit-logger:
    immutable: true
    retention_days: 365
    log_all_access: true
```

All governance features — policy enforcement, event logging, quality scoring, escalations — work fully offline with no degradation when your deployment owner provisions the required local services and compliant model endpoints.


Example: defense-grade config

```yaml
pack:
  name: defense-governance
  version: '1.0'
policies:
  chain:
    - rbac
    - entity-list-filter
    - itar-ear-filter
    - dual-use-filter
    - pii-detector
    - dlp-filter
    - data-routing-policy
    - quality-scorer
    - audit-logger
policy:
  rbac:
    require_auth: true
    deny_if_missing:
      - role
      - team
      - clearance_level
  entity-list-filter:
    lists:
      - sdn_list
      - entity_list
    action: block
    fuzzy_match: true
  itar-ear-filter:
    categories:
      - usml_categories
      - ccl_categories
    action: block
    sensitivity: high
  dual-use-filter:
    categories:
      - nuclear_technology
      - chemical_biological
      - missile_technology
    action: escalate
  pii-detector:
    action: redact
  dlp-filter:
    patterns:
      - name: classification_markers
        regex: "(TOP SECRET|SECRET|CONFIDENTIAL)//[A-Z/]+"
        action: block
  data-routing-policy:
    require_zero_data_retention: true
    require_no_training: true
    on_no_compliant_provider: block
  quality-scorer:
    overall_min_score: 0.7
    on_fail: escalate
  audit-logger:
    retention_days: 2555
    immutable: true
providers:
  targets:
    - id: local-llm
      provider: ollama
      model: llama3.1
      base_url: http://llm-server.mil.local:11434
```

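Before relying on the classification_markers pattern in the dlp-filter entry above, it is worth checking exactly which markings it flags. The following Python is an added example, not code from the Keeptrusts docs or product: it runs the same regex over constructed sample prompts and shows that the pattern requires the `//` separator, so a bare level word ("SECRET") or an abbreviated portion marking ("(S//NF)") is not caught and would need an additional pattern.

```python
import re

# The classification_markers regex exactly as written in the dlp-filter config.
CLASSIFICATION_MARKERS = re.compile(r"(TOP SECRET|SECRET|CONFIDENTIAL)//[A-Z/]+")


def find_classification_markers(text: str) -> list[str]:
    """Return every substring the dlp-filter pattern would flag in text."""
    return [m.group(0) for m in CLASSIFICATION_MARKERS.finditer(text)]


def would_block(text: str) -> bool:
    """True when a request carrying text would hit the pattern's block action."""
    return CLASSIFICATION_MARKERS.search(text) is not None


# Constructed sample prompts for the check; none of these is real data.
SAMPLES = {
    "banner_full": "Summarize this memo.\nSECRET//NOFORN\nThe program schedule ...",
    "ts_compartment": "Classification: TOP SECRET//SI/TK - draft briefing",
    # [A-Z/]+ stops at the first space, so only "CONFIDENTIAL//REL" is captured,
    # which is still enough to trigger the block.
    "rel_to": "CONFIDENTIAL//REL TO USA, FVEY\nPlease translate the text below",
    "unclassified": "UNCLASSIFIED//FOUO weather summary",
    # A level word without the // separator is not matched by this pattern.
    "bare_level": "This document is SECRET and must not leave the enclave",
    # Abbreviated portion markings are not matched either.
    "portion_mark": "(S//NF) Only the portion marking is present",
}


def evaluate_samples() -> dict[str, list[str]]:
    """Map each sample name to the markers the pattern finds in it."""
    return {name: find_classification_markers(text) for name, text in SAMPLES.items()}


if __name__ == "__main__":
    for name, hits in evaluate_samples().items():
        verdict = "BLOCK" if hits else "pass"
        print(f"{name:15} {verdict:5} {hits}")
```

Samples that come back empty are the gap to close with additional dlp-filter patterns if your environment uses those marking styles.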
Quick wins

  1. Deploy itar-ear-filter and entity-list-filter — screen all AI traffic for export-controlled content
  2. Enable data-routing-policy — ensure no traffic reaches non-compliant providers
  3. Set audit-logger to immutable with 7-year retention — meet federal audit requirements
  4. Deploy on-premises — run the full stack in your controlled environment

For AI systems

  • Canonical terms: itar-ear-filter, entity-list-filter, CJIS mode, air-gapped deployment, dual-use detection, data routing controls.
  • Config keys: policy.itar-ear-filter.categories, policy.entity-list-filter.lists, policy.entity-list-filter.fuzzy_match, CJIS data routing.
  • Supported lists: USML, CCL, EAR99, SDN, Entity List, Denied Persons, Unverified List.
  • Best next pages: Zero-Trust AI, Pass Compliance Audits, Prevent Data Leaks.

For engineers

  • Prerequisites: gateway binary deployed in the target network; no internet access required for air-gapped mode.
  • Add itar-ear-filter and entity-list-filter to your policy chain with sensitivity: high for defense workloads.
  • Enable fuzzy_match: true on entity-list-filter to catch transliteration and alias variants.
  • Validate: send a test request mentioning a known USML category and confirm the gateway returns a block.
  • For air-gapped deployment, package the gateway binary and config offline — no runtime API connectivity needed.

For leaders

  • ITAR/EAR violations carry penalties up to $1M per violation and potential criminal liability — gateway enforcement provides an automated safety net.
  • Air-gapped deployment means classified networks can use AI governance without data ever leaving the enclave.
  • Entity list screening protects against inadvertent interactions with sanctioned parties.
  • Immutable audit logs satisfy DCSA, NIST 800-171, and CMMC evidence requirements.

Next steps