Component Installation Positions

As an offline encryption and decryption tool, AI-GUARD can be independently deployed on the user host.

Table 1 shows the components required on each node for model protection in edge inference scenarios.

**Table 1** Components deployed on each node
Node	Component	Description
User management node	AI-VAULT	Provides the key service.
Running node	Crypto-fs	Provides imperceptible encryption and decryption functions. It is packed into the inference image.
Running node	KMSAgent	KMSAgent is integrated in the NPU driver to provide the encryption and decryption proxy and shield the AI-VAULT network configuration in the image.
AI-GUARD node	AI-GUARD	Provides a CLI for user's Linux hosts.

Parent topic: Networking Solution