Reviewable Decision Evidence

Claims of AI safety are insufficient for enterprise security architecture. BeaconGuard emits structured, cryptographic proof of every enforcement action.

This is a canonical, sanitized BeaconGuard decision record derived from live enforcement behavior. The artifact is publicly presented in a simplified form while preserving the real product structure and proof surface.

Canonical Decision Record Statement

The fields below are the core signals a reviewer inspects to understand what happened, why it happened, and what evidence was emitted.

JSON

{
  "event_timestamp": "2026-03-27T14:32:01Z",
  "correlation_id": "req_884a2b9c_fcrime",
  "boundary_enforcement": {
    "decision_class": "DENY_POLICY",
    "enforced": true,
    "policy_id": "pol_aml_crossborder_v1.4",
    "trigger_condition": "missing_mandatory_compliance_evidence"
  },
  "cryptographic_provenance": {
    "x_bg_decision_hash": "a7f8b9...c3d2e1",
    "x_bg_manifest_hash": "b2e4c6...d8f0a2"
  },
  "trust_validation": {
    "signature_present": true,
    "signature_valid": true,
    "replay_detected": false
  }
}

What Reviewers Inspect

• Explicit Enforcement: The decision_class and enforced fields show denied path execution rather than a warning-only model.
• Policy Identity: The policy_id identifies which governed policy controlled the outcome.
• Trigger Condition: The trigger_condition records why the deny path was executed.
• Trust Validation: The trust block confirms signature and replay validation outcomes.
• Cryptographic Binding: The decision hash and manifest hash bind emitted decision and evidence artifacts to the same control event.

Cryptographic Binding Explanation

The decision hash and manifest hash are emitted with the decision to support verification that a decision and its evidence record were produced from the same control event in the enforcement path.

This is a canonical, sanitized artifact, not an internal source export, and is derived from live enforcement behavior.

Related Review Material