Junction Sentinel

Project Overview

Junction Sentinel is a multi-agent cybersecurity platform designed to secure drone intelligence data.
Developed for the DIANA (NATO Defence Innovation Accelerator) challenge, it addresses two critical domains:

• Sensing & Surveillance
• Information & Data Security

The system is built on Privacy-by-Design principles, ensuring compliance, data minimization, and full auditability.
It enables real-time, privacy-preserving queries on sensitive data with safeguards against leakage and misuse.

---

System Architecture

The architecture is composed of modular, cooperative agents. This design ensures resilience, explainability, and transparency, compared to a monolithic system.

---

Agent Workflows

Agent 1: Smart Query Processor

• Intent classification for natural language queries
• Policy guardrails and compliance checks
• Generates structured MongoDB queries

Agent 2: Data Handler

• Executes only validated MongoDB queries
• Synthesizes compliant responses with Gemini API

API Endpoints

POST /api/agent/1         → Intent & compliance checks
POST /api/agent/2         → Data handler & synthesis
POST /api/agent/query     → End-to-end query workflow
GET /api/agent/audit-logs → Fetch audit logs
GET /api/userSetting      → Get user settings
PATCH /api/userSetting    → Update user settings

Technology Stack

Layer	Technology
Frontend	Next.js, React, Material UI
Backend	Node.js (Express)
Database	MongoDB
AI / ML	Google Gemini, Retrieval-Augmented Generation
Security	GDPR/NATO guardrails, Differential Privacy, Audit Logging

---

Key Features

• Privacy-by-Design: Compliance and data protection built into every step.
• Auditability: Complete records of data access and transformations.
• Ease of Use: Natural language queries automatically processed within privacy guardrails.
• Dynamic Prompt Injection: User-customizable privacy settings that adapt AI prompts in real-time.

Each authenticated user can configure three key privacy parameters:

1. High-Risk PII Categories (highRiskPII)

Defines what constitutes personally identifiable information that should be protected:

2. Allowed Data Fields (allowedFields)

Specifies which drone data fields can be accessed in queries:

3. Allowed Query Types (isAllowedQueries)

Defines the types of queries that are permitted:

Dynamic Prompt Generation

When a user submits a query, the system:

1. Retrieves User Settings from the database using Auth0 user ID
2. Injects Settings into AI Prompts dynamically modifying the privacy rules
3. Processes Query with personalized security constraints
4. Returns Response that respects the user's privacy preferences

Security Benefits

1. Personalized Privacy: Each user gets tailored privacy protection
2. Real-time Adaptation: Settings can be updated without system restart
3. Audit Trail: All setting changes are logged for compliance
4. Granular Control: Fine-grained control over data access
5. Dynamic Enforcement: AI prompts adapt immediately to new settings

---

Quickstart Guide

Follow these steps to run the Junction Sentinel prototype locally.

1. Clone the Repository

git clone https://github.com/Curtis-Thomas/junction-sentinel.git
cd junction-sentinel

2. Install Dependencies

npm install

3. Configure Environment Variables

Create a file named .env.local in the root directory and add the following:

# Google Gemini API
GEMINI_API_KEY=

# API URL
NEXT_PUBLIC_API_URL=http://localhost:3000

# MongoDB Connection
MONGODB_URI=

# Application URL
APP_BASE_URL=http://localhost:3000

# Auth0 Configuration
AUTH0_CLIENT_ID=
AUTH0_CLIENT_SECRET=
AUTH0_DOMAIN=
AUTH0_SECRET=

4. Example Dataset

Single drone data

{
    "_id": {
      "$oid": "65163625f3851b32d3a3c26a"
    },
    "droneId": "DS-001",
    "model": "Falcon 900",
    "status": "Active",
    "location": {
      "latitude": 40.7128,
      "longitude": -74.006,
      "lastUpdated": {
        "$date": "2025-09-19T10:00:00Z"
      }
    },
    "pilot": {
      "pilotId": "P-101",
      "firstName": "Alex",
      "lastName": "Chen",
      "licenseNumber": "LN-987654321",
      "contact": {
        "email": "alex.chen@example.com",
        "phone": "+1-202-555-0145"
      }
    },
    "flightHistory": [
      {
        "flightId": "F-501",
        "date": {
          "$date": "2025-09-18T14:30:00Z"
        },
        "durationMinutes": 45,
        "purpose": "Surveillance",
        "payload": "High-res Camera"
      }
    ],
    "telemetry": {
      "batteryLevel": 85,
      "altitudeMeters": 150,
      "speedMps": 20
    },
    "maintenance": {
      "lastServiceDate": {
        "$date": "2025-09-10T00:00:00Z"
      },
      "nextServiceDate": {
        "$date": "2025-10-10T00:00:00Z"
      },
      "serviceLog": "Routine check completed, propellors replaced."
    },
    "dataCollected": {
      "type": "Surveillance Imagery",
      "metadata": {
        "captureDate": {
          "$date": "2025-09-19T09:55:00Z"
        },
        "location": {
          "latitude": 40.713,
          "longitude": -74.0062
        },
        "tags": ["traffic", "cityscape"]
      },
      "storageReference": "s3://junction-sentinel-data/DS-001/images/20250919.zip"
    },
    "owner": "Junction Sentinel Corp.",
    "privacyLevel": "High"
  },

The project includes a sample dataset located in test.json.

This dataset simulates drone intelligence data.

It must be imported into your MongoDB collection before running queries.

Example command to insert the dataset:

mongoimport --uri "YOUR_MONGODB_URI" --collection drone_data --file test.json --jsonArray

Replace YOUR_MONGODB_URI with your actual MongoDB connection string.

5. Run the Development Server

   npm run dev

The app will be available at: http://localhost:3000

6. Access the API Endpoints

   GET /api/agent/1 → Intent & compliance checks
   GET /api/agent/2 → Data handler & synthesis
   POST /api/agent/query → End-to-end query workflow