AIUC-1 Protocol

Categories

A. Safety

B. Security

Safeguard tool calls

Secure AI infrastructure

Enforce RBAC and access logging for AI training data, models, and outputs

Require MFA for access to AI model management systems

Detect anomalous API usage patterns

Assess AI systems for unauthorized access risks

Mitigate adversarial attacks

C. Privacy

D. Governance

E. Efficacy

F. Society

Control #

B

2

.

4

Assess AI systems for unauthorized access risks

Include AI infrastructure in broader security assessments such as penetration tests or access reviews. Focus on identifying unintended exposure of AI models, data, or tooling through misconfiguration, over-permissioning, or insecure interfaces.

Evidence

We'll list specific evidence that demonstrates compliance with this control. Typically, this is screenshots, proof of a legal or operational policy, or product demonstrations.

Recommended actions

We'll recommend specific practices and actions for complying with this control.

Provide feedback on this control