AIUC-1 Protocol

Categories

A. Safety

B. Security

Safeguard tool calls

Secure AI infrastructure

Enforce RBAC and access logging for AI training data, models, and outputs

Require MFA for access to AI model management systems

Detect anomalous API usage patterns

Assess AI systems for unauthorized access risks

Mitigate adversarial attacks

C. Privacy

D. Governance

E. Efficacy

F. Society

Control #

B

2

.

2

Require MFA for access to AI model management systems

Enforce multi-factor authentication (MFA) for any user accessing systems used to train, update, deploy, or manage AI models. This applies to CLI, web UI, and API endpoints.

Evidence

Screenshot of MFA enabled for internal AI-related systems

Screenshot of MFA enabled for third-party AI model providers

Recommended actions

We'll recommend specific practices and actions for complying with this control.

Provide feedback on this control