Gökçe Akçıl

Security-First RAG Service for Swedish Tax Law

Secure RAG (FastAPI, ChromaDB, SQLite, Fernet), split-storage, redaction. Deploy: Docker, GH Actions, Prometheus, Grafana, Alertmanager, Gradio, HF Spaces.

The Challenge

Swedish tax law content is highly domain-specific, context-dependent, and risky to expose through a generic retrieval workflow. A useful public-facing RAG system needed to retrieve relevant legal context while avoiding common failure modes such as leaking source text, returning unsupported answers, mixing stale context, or exposing internal ingestion/admin operations. The challenge was to design a retrieval service that was not only functional as a demo, but also structured around security boundaries, controlled access, redaction, observability, and operational recovery.

Solution Architecture

Designed and built a security-oriented RAG service using FastAPI, ChromaDB, SQLite, and Fernet, separating embeddings from encrypted source text through a split-storage architecture. Implemented admin-gated ingest and reconciliation workflows, context-redaction controls, structured error handling, and multi-level health checks for safer public-facing retrieval. Added production-minded delivery with Gradio, Docker, GitHub Actions, Prometheus, Grafana, Alertmanager, and Hugging Face Spaces deployment for public demo packaging and operation.
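A minimal sketch of the split-storage idea described above, added here as an illustration and not taken from the project's code: embeddings live in one store keyed by chunk id, while the source text is kept only as Fernet ciphertext in SQLite and is decrypted and redacted at retrieval time. Assumptions: a plain dict stands in for the ChromaDB collection, the `SplitStore` class, the admin token, the personnummer redaction pattern, and the reading of "reconciliation" as detecting ids present in only one store are all hypothetical.

```python
import hmac
import re
import sqlite3
from cryptography.fernet import Fernet

ADMIN_TOKEN = b"constructed-admin-token"  # assumption: loaded from a secret store in practice
PERSONNUMMER = re.compile(r"\b\d{6,8}[-+]?\d{4}\b")  # assumed redaction rule

def dot(a, b):
    return sum(x * y for x, y in zip(a, b))

class SplitStore:
    """Embeddings in one store, Fernet-encrypted source text in another."""

    def __init__(self, key: bytes):
        self._fernet = Fernet(key)
        self._db = sqlite3.connect(":memory:")
        self._db.execute("CREATE TABLE chunks (id TEXT PRIMARY KEY, ct BLOB NOT NULL)")
        self.vectors = {}  # stand-in for the vector collection: id -> embedding, no text

    def ingest(self, token: bytes, chunk_id: str, text: str, embedding):
        # Admin gate: constant-time comparison, checked before any write.
        if not hmac.compare_digest(token, ADMIN_TOKEN):
            raise PermissionError("ingest requires the admin token")
        ct = self._fernet.encrypt(text.encode("utf-8"))
        self._db.execute("INSERT OR REPLACE INTO chunks VALUES (?, ?)", (chunk_id, ct))
        self.vectors[chunk_id] = list(embedding)

    def retrieve(self, query_embedding, k=1):
        ranked = sorted(self.vectors, key=lambda i: -dot(query_embedding, self.vectors[i]))
        results = []
        for chunk_id in ranked[:k]:
            row = self._db.execute("SELECT ct FROM chunks WHERE id = ?", (chunk_id,)).fetchone()
            if row is None:
                continue  # vector with no source row: never answer from it
            text = self._fernet.decrypt(row[0]).decode("utf-8")
            results.append((chunk_id, PERSONNUMMER.sub("[REDACTED]", text)))
        return results

    def stored_ciphertexts(self):
        return [row[0] for row in self._db.execute("SELECT ct FROM chunks")]

    def orphans(self):
        # Reconciliation check: ids present in only one of the two stores.
        text_ids = {row[0] for row in self._db.execute("SELECT id FROM chunks")}
        return sorted(set(self.vectors) ^ text_ids)
```

A compromise of the vector store alone yields embeddings and ids but no readable text, and a stale vector with no matching ciphertext row is skipped rather than served.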

Results & Impact

The project produced a security-oriented RAG service with a split-storage architecture, separating vector retrieval from encrypted source text and placing sensitive ingest/reconciliation workflows behind admin controls. It demonstrated how a legal-domain assistant can be packaged with practical production concerns: redacted context handling, structured errors, health checks, monitoring hooks, CI/CD, Docker-based deployment, and a public Gradio demo. The result is a stronger reference architecture for building RAG systems where trust, traceability, and data exposure matter as much as answer quality.

Tech Stack

FastAPI, ChromaDB, SQLite, Fernet, Gradio, Docker, GitHub Actions, Prometheus, Grafana, Alertmanager, HF Spaces

Status

Active
Initiated: 4/15/2026