Secure AI in Action at Nexus Luxembourg 2025

Leave a Comment / Talks & Webinars / By

Last June I had the chance to spend two intense, inspiring days at Nexus Luxembourg 2025 โ€“ and this time not just as an attendee, but on stage, sharing something Iโ€™m deeply passionate about: secure, AI-powered applications built fully inside Oracle Database.

Together with my colleague Thomas Minne, we showed how AI, data security, and low-code development come together in a real healthcare use case โ€“ no slides-only theory, but a live demo running entirely on Oracle Database 23ai.

One database. One secure AI-ready foundation. One future.

That was the core message of our sessionโ€ฆ and it really resonated.

Why Secure AI Pipelines Matter (Especially in Healthcare)

Our story started from a simple but uncomfortable truth:

You cannot treat AI pipelines as side projects when the data involved is sensitive.

In healthcare, weโ€™re dealing with:

  • Patient records
  • Clinical notes
  • Medication history
  • Internal guidelines and protocols

Now mix that with vectorization (embeddings) and RAG (Retrieval-Augmented Generation) and you quickly get into risky territory if data leaves its secure home.

The traditional approach often looks like this:

  1. Export data from the database
  2. Push it into an external vector store or AI service
  3. Try to re-create security rules somewhere else

This introduces more systems, more attack surface, and more inconsistent security models. At Nexus, many people told us the same story: the AI stack is fragmented, complex, and expensive to secure.

Our answer was different:

What if the database could be your vector store, your AI orchestration engine, and your security boundary โ€“ all at once?

Our Session: Secure AI Workflows Inside Oracle Database 23ai

On June 17 at 16:00, we walked through a complete end-to-end scenario:
a healthcare application that uses GenAI while respecting strict privacy requirements.

We focused on four core capabilities inside Oracle Database 23ai:

  • AI Vector Search โ€“ to store and query embeddings directly in the database
  • DBMS_VECTOR_CHAIN โ€“ to orchestrate RAG-style workflows natively in SQL/PL/SQL
  • Oracle Machine Learning (OML) โ€“ to build and operationalize models close to the data
  • Real Application Security (RAS) โ€“ to ensure every user only sees what theyโ€™re allowed to see, even in AI flows

And on top of all that, we used:

  • Select AI โ€“ to speed up development and make it easier to build smart behaviors
  • Oracle APEX โ€“ as the low-code front end where doctors, pharmacists, or analysts can actually use the AI securely

Everything ran inside the database.
No data movement. No external vector store. No copy-paste security.

The Healthcare Demo: RAG With Real Security

In the live demo (Iโ€™ll embed a short video recap here in the post ๐ŸŽฅ), we walked through a concrete scenario:

  • A healthcare professional logs into an Oracle APEX app connected to an Oracle Database 23ai backend.
  • They ask a question that requires combining:
    • patient-related information,
    • internal medical guidelines,
    • and contextual knowledge stored as documents and vectors.
  • The system performs a RAG pipeline:
    1. Uses AI Vector Search to find the most relevant chunks of information.
    2. Orchestrates the flow via DBMS_VECTOR_CHAIN.
    3. Ensures that Real Application Security rules are applied at every step:
      • A doctor, a pharmacist, and an admin do not see the same data.
    4. Produces a GenAI-powered answer with the supporting evidence and proper traceability.

The key point:
Even the embeddings (vectors) are subject to the same RAS policies as the original data.

That means:

  • No โ€œshadowโ€ copies of sensitive data in external services.
  • No duplicated security logic.
  • No additional tools just to secure the AI layer.

As Thomas explains beautifully in his article on securing vectorized data with RAS in Oracle Database 23ai, this is where database-native AI becomes a real game changer for regulated industries like healthcare.

(Iโ€™ll link his article here in the blog so you can dive deeper into the technical details.)

The APEX Layer: Where Security Meets User Experience

Of course, all of this would stay theoretical if it lived only at database level.

Thatโ€™s where Oracle APEX came in.

We built an application that:

  • Authenticates different healthcare roles
  • Calls the RAG pipeline inside the database
  • Visualizes:
    • the AI-generated answer,
    • the source documents used,
    • and the underlying security constraints in action

The message we wanted to send was clear:

You donโ€™t need 10 different platforms to build secure, AI-powered apps.
You can do it with one converged database and a low-code front end.

And based on the reactions after the sessionโ€ฆ this really clicked.

Conversations at Nexus: Fragmentation vs. Convergence

Outside of the session, Nexus Luxembourg was all about conversations.

Over coffee and in the expo area, we heard the same pattern from many organisations:

  • Multiple databases
  • Different security models
  • Separate AI services
  • Integrations everywhere

It worksโ€ฆ but itโ€™s fragile and costly. Every time you add a new AI use case, you also add more complexity.

Thatโ€™s why our message โ€”
โ€œOne database. One secure AI-ready foundation. One future.โ€ โ€”
landed so strongly with both business and technical audiences.

Business leaders care about risk, cost, and speed.
Technical teams care about architecture, security, and maintainability.

A converged platform gives both sides what they need.

Personally: What This Event Meant to Me

On a personal level, Nexus Luxembourg was special.

  • I got to represent Oracle and show work that I truly believe can make AI safer and more useful.
  • I had the chance to collaborate closely with Thomas, whose expertise on RAS and security is at the heart of this story.
  • I felt the strength of having strategy and field experience aligned โ€“ from product vision to real demos.

The Luxembourg Oracle office also made us feel at home (itโ€™s a small office, so I think we met almost everyone ๐Ÿ˜„).

For me, this event was another reminder that:

The real power of AI in the enterprise is not just having a model.
Itโ€™s about integrating AI securely into existing systems and workflows โ€“ without breaking trust.

Whatโ€™s Next?

This is just the beginning for us:

  • Weโ€™ll continue evolving this healthcare use case.
  • Weโ€™re exploring how the same architecture can apply to other regulated industries (finance, public sector, etc.).
  • And weโ€™ll keep sharing what we learn โ€“ in conferences, webinars, and yes, here on this blog.

If youโ€™re curious about:

  • Securing vectorized data and RAG workflows in Oracle Database 23ai
  • Using RAS, AI Vector Search, DBMS_VECTOR_CHAIN, OML, Select AI, and APEX together
  • Or just want to understand how to simplify your AI architecture

โ€ฆstay tuned. More posts (and more diagrams and demos!) are coming.

And if you were at Nexus Luxembourg and we met there:
thank you for the conversations, the questions, and the energy.

Subscribe to my Newsletter

Two to four reads per month. Practical AI, vectors, demos & events. No spamโ€”unsubscribe anytime.

We donโ€™t spam! Read more in our privacy policy

Leave a Comment

Your email address will not be published. Required fields are marked *

Sign up
Sign up

Review My Order

0

Subtotal

Taxes & shipping calculated at checkout

Checkout