What they are
Correlate — every signal in a request joins into a single replayable timeline, preserving causality. Contain — agents are bound to identity, constrained by policy, and blocked at the perimeter if they exceed boundaries. Attest — every consequential action receives a cryptographic signature and accrues to the audit stream as it executes.
Correlate
Scattered signals → one timeline
Contain
Identity-bound · perimeter-blocked
Attest
Signed at the moment of action
Why they matter
Together the three primitives cover what regulators ask of any AI-driven decision: can you reconstruct it, can you constrain it, and can you prove who authorised it. Correlate establishes the causal record. Contain keeps execution within defined boundaries. Attest binds each consequential action to an identity and a signature. Each primitive answers a question that compliance frameworks ask in every audit.
Where they live in AIOP
Each primitive is realised as its own subsystem with a defined interface, dedicated audit surface, and clear operational ownership. Correlate manages the signal stream that joins requests into timelines. Contain governs the execution perimeter for agents, tools, and data. Attest produces the cryptographic record of every consequential action. Higher-level AIOP capabilities — evidence packs, replay, human-in-the-loop, row-level compliance — are built on top of these three.
Simplify compliance architecture to three verifiable guarantees.
- Reduce audit surface area compared to ad-hoc approaches.
- Gain regulatory approval faster with a proven, minimal architecture.
- Scale AI deployments without scaling compliance complexity.
Design to three clear contracts instead of dozens of requirements.
Monitor three subsystem SLOs.
Check three primitives instead of auditing the entire stack.
Explain the approach in three sentences.