Security Architecture Whitepaper
Last Updated: May 31, 2026
AI Teacher Assistant recognizes that protecting Special Education documentation, student reading levels, and Personally Identifiable Information (PII) is the highest operational priority for any educational institution.
To guarantee that your classroom data remains uncompromised, we have explicitly abandoned traditional "database-driven" SaaS architectures. We operate exclusively on a Stateless, Zero-Trust Execution Pipeline.
1. Zero-Trust Authentication (chrome.identity)
We utilize Google’s native chrome.identity OAuth framework.
- No Native Passwords: Our systems do not capture, intercept, proxy, or store Google Workspace passwords.
- Short-Lived Ephemeral Tokens: The Chrome browser grants us temporary API access tokens based on scopes explicitly approved by the educator.
- Granular Permitting: We request strictly scoped Google Drive permissions to parse the Teacher's rosters and generate documents.
2. In-Transit Encryption (TLS 1.2+)
All data transmitted from the local Chrome Extension to our backend API Gateway is strictly encrypted in transit.
- Traffic routes exclusively over HTTPS utilizing TLS 1.2+ encryption standards.
- We utilize Google Cloud's native globally distributed Load Balancers to intercept incoming requests and protect the gateway against DDoS and standard injection vectors.
3. Stateless Computation via Ephemeral Containers
This is our primary pillar of absolute data security. There are no persistent databases attached to our backend logic.
- When a lesson generation request strikes our
/api/v1/roster/differentiateproxy, Google Cloud Run automatically spins up an entirely isolated, Ephemeral Linux Container inside Google's secure perimeter. - The student roster CSV data is injected into the container's Volatile RAM (Memory).
- The moment the API finishes invoking the Large Language Model and streams the finalized Google Doc directly back into the Teacher’s Google Drive, the Google Cloud container instantly self-terminates.
- This stateless architecture ensures that any hypothetical attacker breaching our perimeter would find absolutely zero historical user data, as the system programmatically disintegrates its own computing environment after every single user click.
4. Enterprise Large Language Model (LLM) Governance
Our Agentic frameworks route requests exclusively to Google's Enterprise Vertex AI / Gemini endpoints, completely bypassing consumer-grade LLM interfaces.
- No Foundational Training: By explicitly operating on the Enterprise API, the text contained within your Master Lesson Plans and Rosters is contractually opted-out of being used to train Google's foundational models.
- Compute Isolation: All AI payload processing remains mathematically isolated strictly within the boundary of our underlying Google Cloud Project.