iRNDOM
Home Live Demo Install & Integrate FAQ Legal
A privacy control plane for data in motion. Vendors and outside systems get labels, internal systems can restore only in the internal zone with audit.
Gateway: Checking…
Sidecar: Checking…
Audit: Enabled
Input
Zone: vendor
Think of this as “sending sensitive text to an outside vendor”. iRNDOM ensures that raw identifiers don’t leave your boundary — the vendor only sees Safe Labels™.
Mode: LIVE Policy enforcement & signing occur in the gateway service (server-side). This UI is a viewer.
Quick presets
Tip: hit Ctrl + Enter
Route
Press “Send” to watch the route + proofs update.
Vendor Zone
Outside trust boundary
Zone: vendor
iRNDOM Gateway
Verifies signature + enforces rules
Zone Gates™ + Signed Audit™
Safe Labels™ Sidecar
Replaces identifiers with Safe Labels™
Safe Labels™ outbound
Internal Systems
Verified Restore™ (internal-only)
Signed Audit™ + auth required
Process
Outside systems receive Safe Labels™. Internal systems can restore with verified, audited access.
01
Vendor sends sensitive text to the gateway.
02
Gateway verifies signature and enforces zone rules.
03
Sidecar replaces sensitive values with labels and stores mappings.
04
Vendor output is safe — only labels leave the trust boundary.
05
Internal requests restoration (audited + authorized).
06
Sidecar restores originals and returns to internal systems.
Results
Outside systems receive Safe Labels™. Internal systems can restore with verified, audited access.
Vendor sees (Safe Labels™) 🔒
Internal sees (restored)
Hacker replay
Replay → BLOCKED
Header tamper → BLOCKED
Zone violation → BLOCKED
Full hacker JSON for engineers
Proofs & audit
Tip: use the Audit view button below to open live audit events.
Signature: pending
Zone flow: pending
Vault: pending
“Vendor gets labels. Internal can restore. Every restore is verified + logged.”