Building Sovereign AI: Lessons from Deploying Secure RAG Systems using Confidential Computing

This session explores how real-world government organizations are building and deploying secure AI systems using Retrieval-Augmented Generation (RAG) on sensitive data. Based on hands-on project experience across public sector customers, we will walk through how teams move from early AI prototypes to production-ready systems under strict requirements around privacy, compliance, and data residency. The session will cover: How developers design RAG pipelines for sensitive and regulated data, key architectural decisions (data ingestion, indexing, retrieval, grounding, and model orchestration), security and identity patterns required for sovereign AI scenarios, common pitfalls encountered when scaling beyond demos, and practical lessons learned from real deployments.