Gateco logo
ContactGet Started
Blog/reference architecture

reference architecture

4 posts

reference architecturearchitecturesecurityragengineering

Pre-Retrieval vs Post-Retrieval Authorization

A RAG pipeline can enforce access inside the vector query or in the app after results return. Each has a distinct failure mode. Here is what breaks.

June 21, 2026·7 min read
reference architectureragsecurityengineering

How to Enforce Document-Level Permissions in Enterprise RAG

Embeddings throw away the permissions your source systems already track. Here is the recipe to carry document-level permissions into a RAG pipeline.

June 20, 2026·8 min read
reference architecturepolicysecurityengineering

RBAC, ABAC, or ReBAC: Which Access Model to Use

Gateco supports role, attribute, and relationship-based access control, and you can mix them in one policy set. Here is which model fits which pattern.

June 19, 2026·7 min read
reference architectureragengineeringproduct

Adding Gateco to a LangChain or LlamaIndex RAG Pipeline

Gateco is not a RAG framework. It is the authorization layer you insert at the retrieval step of LangChain or LlamaIndex. Here is where it goes, and why.

June 19, 2026·6 min read
← All posts
Gateco

Permission-Aware Retrieval for AI Systems

<25ms p95 policy-layer overhead•Fail-closed by default
Get Started, Free
Available onAzure Marketplace

Product

  • Features
  • Pricing
  • Integrations
  • Architecture
  • MCP Server

Solutions

  • For Security Teams
  • Customers
  • EU AI Act

Compare

  • All comparisons
  • vs Cerbos
  • vs pgvector RLS
  • vs Microsoft Purview
  • vs Glean
  • vs Pinecone RBAC
  • vs Oso
  • vs OPA / Rego
  • Build vs buy

Resources

  • Documentation
  • SDKs
  • Guides
  • Blog
  • Videos
  • Changelog
  • Roadmap
  • Design Partners
  • About

Compliance

  • Security
  • Trust Center
  • SOC 2
  • GDPR
  • HIPAA
  • EU AI Act
  • Privacy Policy
  • Terms of Service

© 2026 Gateco. All rights reserved.

security@gateco.aienterprise@gateco.ai