Skip to content
Rhode Island DAAI Center of Excellence
A comprehensive, 9-dimensional ABAC system for Rhode Island's multi-tenant, cross-agency data governance. Powered by Open Policy Agent (OPA) with sub-100ms policy decisions through unified infrastructure.
9
ABAC Dimensions
vs. industry standard 3D (Subject, Resource, Action)
<div class="ri-stat-card">
<div class="ri-stat-icon">
<i class="fas fa-database"></i>
</div>
<div class="ri-stat-value" data-target="3">3+</div>
<div class="ri-stat-label">Cloud Platforms</div>
<div class="ri-stat-description">
Federated queries across AWS, Azure, PostgreSQL
</div>
</div>
<div class="ri-stat-card">
<div class="ri-stat-icon">
<i class="fas fa-tachometer-alt"></i>
</div>
<div class="ri-stat-value" data-target="100"><100</div>
<div class="ri-stat-label">ms Policy Decisions</div>
<div class="ri-stat-description">
Real-time authorization at scale
</div>
</div>
<div class="ri-stat-card">
<div class="ri-stat-icon">
<i class="fas fa-check-circle"></i>
</div>
<div class="ri-stat-value" data-target="6">6</div>
<div class="ri-stat-label">Working Demos</div>
<div class="ri-stat-description">
100% operational, ready for Nov 4 RFP Orals
</div>
</div>
ACCESS CONTROL SERVICE
Complete access control system including technology, business processes, and governance. Demonstrates multi-tenant OPA, 9-dimensional ABAC, and RFP analytics categories.
Cross-Agency Governance
Three RI agencies (DLT, DOH, DOE) sharing one policy engine with tenant isolation, cross-agency federated queries, and unified governance.
- Tenant isolation and data segregation
- Cross-agency workforce analytics
- HIPAA, FERPA, IRS 1075 compliance
- Real-time policy decisions (<100ms)
DEL-P3-011: Granular Access Control Launch Demo
<!-- Demo 2: Context-Aware Access Control -->
<div class="ri-demo-card">
<div class="ri-demo-card-header">
<div class="ri-demo-card-icon">
<i class="fas fa-user-shield"></i>
</div>
<h3 class="ri-demo-card-title">Context-Aware Access Control</h3>
</div>
<div class="ri-demo-card-body">
<p class="ri-demo-card-description">
Industry-leading 9-dimensional ABAC with 6 real-world RI government scenarios:
Emergency Room Doctor, IRB Researcher, DCYF Case Worker, Cross-Agency Analyst,
Compliance Auditor, Public Data Request (APRA).
</p>
<ul class="ri-demo-card-features">
<li>9 dimensions: Purpose, Data Subject, Aggregation, Emergency</li>
<li>Field-level data masking and redaction</li>
<li>Break-glass emergency access</li>
<li>Risk scoring and compliance frameworks</li>
</ul>
</div>
<div class="ri-demo-card-footer">
<span class="rfp-badge">DEL-P3-011: Granular Access Control</span>
<a href="https://peers-lookup-happens-evaluate.trycloudflare.com/demo/context-access?skip=true" target="_blank" class="ri-demo-card-link">
Launch Demo <i class="fas fa-arrow-right"></i>
</a>
</div>
</div>
<!-- Demo 3: Analytics Categories -->
<div class="ri-demo-card">
<div class="ri-demo-card-header">
<div class="ri-demo-card-icon">
<i class="fas fa-chart-line"></i>
</div>
<h3 class="ri-demo-card-title">Analytics Categories</h3>
</div>
<div class="ri-demo-card-body">
<p class="ri-demo-card-description">
Six RFP analytics categories: Descriptive, Diagnostic, Predictive,
Prescriptive, Cognitive, and Privacy-Preserving. Demonstrates how OPA
enables computational governance for each analytics type.
</p>
<ul class="ri-demo-card-features">
<li>Real-time policy evaluation per query type</li>
<li>Data minimization and purpose limitation</li>
<li>Privacy-preserving record linkage (PPRL)</li>
<li>Audit trails for regulatory compliance</li>
</ul>
</div>
<div class="ri-demo-card-footer">
<span class="rfp-badge">DEL-P3-015: Computational Governance</span>
<a href="https://peers-lookup-happens-evaluate.trycloudflare.com/demo/analytics-categories" target="_blank" class="ri-demo-card-link">
Launch Demo <i class="fas fa-arrow-right"></i>
</a>
</div>
</div>
<!-- Demo 4: Trino Federated Queries -->
<div class="ri-demo-card">
<div class="ri-demo-card-header">
<div class="ri-demo-card-icon">
<i class="fas fa-project-diagram"></i>
</div>
<h3 class="ri-demo-card-title">Trino Federated Queries</h3>
</div>
<div class="ri-demo-card-body">
<p class="ri-demo-card-description">
Cross-cloud data federation with OPA 9D ABAC policy enforcement.
Query AWS S3, Azure Blob, GCS, and PostgreSQL with unified governance.
Demonstrates real-time federated JOINs across RILDS and EOHHS data.
</p>
<ul class="ri-demo-card-features">
<li>PostgreSQL catalog with multi-agency data</li>
<li>Cross-agency federated JOINs on person_id</li>
<li>9D ABAC field-level filtering per query</li>
<li>Sub-500ms query latency (REQ-P3-005)</li>
</ul>
</div>
<div class="ri-demo-card-footer">
<span class="rfp-badge">DEL-P3-005: Data Virtualization</span>
<a href="https://peers-lookup-happens-evaluate.trycloudflare.com/demo/trino" target="_blank" class="ri-demo-card-link">
Launch Demo <i class="fas fa-arrow-right"></i>
</a>
</div>
</div>
<!-- Demo 5: PolicyBot RAG -->
<div class="ri-demo-card">
<div class="ri-demo-card-header">
<div class="ri-demo-card-icon">
<i class="fas fa-robot"></i>
</div>
<h3 class="ri-demo-card-title">PolicyBot RAG</h3>
</div>
<div class="ri-demo-card-body">
<p class="ri-demo-card-description">
AI-powered governance assistant with 99.7% determinism and complete provenance chains.
Ask questions about policies, regulations, and controls - get accurate, cited answers.
</p>
<ul class="ri-demo-card-features">
<li>Persona-based greetings and responses</li>
<li>Thumbs up/down feedback mechanism</li>
<li>Evidence page with determinism metrics</li>
<li>Neo4j provenance chains to source documents</li>
</ul>
</div>
<div class="ri-demo-card-footer">
<span class="rfp-badge">DEL-P1-014: AI Governance</span>
<a href="https://peers-lookup-happens-evaluate.trycloudflare.com/demo/policybot" target="_blank" class="ri-demo-card-link">
Launch Demo <i class="fas fa-arrow-right"></i>
</a>
</div>
</div>
<!-- Demo 6: ALGP Access Lifecycle -->
<div class="ri-demo-card">
<div class="ri-demo-card-header">
<div class="ri-demo-card-icon">
<i class="fas fa-key"></i>
</div>
<h3 class="ri-demo-card-title">ALGP Access Lifecycle</h3>
</div>
<div class="ri-demo-card-body">
<p class="ri-demo-card-description">
Complete access lifecycle governance platform with 4 request types,
multi-stage approval workflows, and OPA policy auto-generation.
</p>
<ul class="ri-demo-card-features">
<li>4 request types: Individual, DSA, Emergency, API</li>
<li>Multi-stage Camunda BPMN workflows</li>
<li>OPA policy auto-generation from requests</li>
<li>Quarterly access certification</li>
</ul>
</div>
<div class="ri-demo-card-footer">
<span class="rfp-badge">DEL-P3-015: Access Lifecycle</span>
<a href="https://peers-lookup-happens-evaluate.trycloudflare.com/demo/algp" target="_blank" class="ri-demo-card-link">
Launch Demo <i class="fas fa-arrow-right"></i>
</a>
</div>
</div>