- What it is
- An ephemeral enclave is a short-lived, session-scoped security boundary that deploys in seconds, enforces exam integrity for the duration of the assessment, and leaves no persistent footprint on the candidate's machine when it ends.
- Why it matters
- Persistent agents and kernel drivers are the reason candidates, IT teams, and privacy regulators resist traditional proctoring — an ephemeral boundary preserves the security guarantees without the invasiveness.
- How Aiseptor implements it
- Aiseptor is designed around this shape: the enclave is created at session start, destroyed at session end, and leaves behind only a signed, minimal audit record that the platform can verify.
Canonical definition
An ephemeral enclave is a security construct whose lifetime is bounded by a single assessment session. When the exam begins, a lightweight boundary is established on the candidate's device; the boundary controls which network destinations are reachable, which device-posture signals are enforced, and what the platform is allowed to observe. When the exam ends — or when the session is abandoned, or when its short-lived credentials expire — the enclave tears itself down and leaves no persistent software, kernel component, or background service behind. The design trades the invasiveness of always-on proctoring agents for a much narrower, cryptographically-bounded window of enforcement. It is a direct expression of the zero-trust principle in a consumer-device context: strong guarantees while needed, zero residue when not.
Citations
- [1]Aiseptor provisional patent filing on ephemeral network enclaves (2026)
- [2]Aiseptor architecture whitepaper (public version) (2026)