AI security is fundamentally about observability with context. We track inputs, outputs, and model behavior patterns, then compare against established baselines to detect anomalies — logged to a per-integration API with per-deploy specifics and end-to-end configuration details.
- Track prompts, responses, and processing patterns
- Establish baselines of normal vs. abnormal behavior
- Apply data classification (PICR,1/2/3) for all system actions
- Compare current behavior against established patterns
- Alert on deviations that exceed thresholds
- Use lightweight heuristics with stepwise validation
- Validate models against known attack patterns
- Implement continuous security testing
- Maintain audit trails for compliance
The System Breadcrumb is a SHA-256 (or contemporaneous equivalent) hash of the initial use_case_registry.json, used as a shared secret for deployment identity verification and auditability. It provides immutable context anchoring for logs and requests.
Artifacts:
- use_case_registry.json – Source of truth for the AI Passport
- system_breadcrumb.txt – Hash artifact derived from the above
- tool_invocation.log – Operational log entries referencing the breadcrumb
🔐 Python: Generate System Breadcrumb
```python
# generate_breadcrumb.py
import json
import hashlib


def generate_system_breadcrumb(json_path: str) -> str:
    """Hash the canonical form of use_case_registry.json and persist the digest.

    Keys are sorted so that two registries with the same content but a
    different key order produce the same breadcrumb.
    """
    with open(json_path, 'r', encoding='utf-8') as f:
        data = json.load(f)
    # Canonical serialisation: sorted keys, UTF-8 bytes
    encoded = json.dumps(data, sort_keys=True).encode('utf-8')
    breadcrumb = hashlib.sha256(encoded).hexdigest()
    with open('system_breadcrumb.txt', 'w', encoding='utf-8') as out:
        out.write(breadcrumb)
    return breadcrumb
```
Each team has clear responsibilities:
- Enterprise: Set security standards, define classifications
- IT/Ops: Configure runtime environments, validation parameters
- Application Teams: Implement controls, monitor business metrics
🧭 C4 Architecture Views
| View | Description | Link |
|---|---|---|
| Context | High-level system context | |
| Container | Deployment components | |
| Component | Key functional elements | |
| Code | Implementation details | |
| Personas | User/stakeholder roles | |
- API Schema Definition
- Logging Implementation
- Tool Classification
- use_case_registry.json – Defines the deployment’s purpose and scope
- system_breadcrumb.txt – Canonical SHA-256 fingerprint
- tool_invocation.log – Signed and referenceable activity logs
⚙️ AI Control Plane API Documentation
This API provides a system of record for configuration changes across AI deployments. It supports:
- Schema evolution
- Role-based access control
- Audit trail of all changes
- Backwards compatibility
All requests require a bearer token specific to your role:
- Enterprise Infrastructure: `enterprise-token`
- LOB IT: `lob-token`
- Application Teams: `app-token`
Refer to the get_current_role function in LoggingAPI.py for token-to-role mapping.
Enterprise teams manage core infrastructure configurations. This path allows updating the enterprise schema, defining standards like data classification and alerting.
Adding GPU Configuration Example:
This curl command demonstrates adding a GPU configuration to the enterprise schema.
```bash
curl -X POST http://localhost:8000/api/v1/config/schema \
  -H "Authorization: Bearer enterprise-token" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "gpu-inference",
    "targetMetric": "gpu_utilization",
    "dataClassification": "Restricted",
    "quickAlertHeuristic": {
      "threshold": 0.85,
      "window": "5m"
    },
    "gpu_config": {
      "type": "A100",
      "memory": "80GB"
    },
    "reason": "Production scale-up for high-throughput inference"
  }'
```
📋 Example Response
```json
{
  "status": "success",
  "message": "Enterprise schema updated",
  "updated_schema": {
    "type": "object",
    "required": ["name", "targetMetric", "dataClassification", "quickAlertHeuristic"],
    "properties": {
      "name": {"type": "string"},
      "targetMetric": {"type": "string"},
      "dataClassification": {
        "type": "string",
        "enum": ["Public", "Internal", "Confidential", "Restricted"]
      },
      "quickAlertHeuristic": {
        "type": "object",
        "required": ["threshold", "window"],
        "properties": {
          "threshold": {"type": "number"},
          "window": {"type": "string"}
        }
      },
      "author": {"type": "string"},
      "reason": {"type": "string"},
      "timestamp": {"type": "string", "format": "date-time"},
      "gpu_config": { // New field added
        "type": "object",
        "properties": {
          "type": {"type": "string"},
          "memory": {"type": "string"}
        }
      }
    },
    "additionalProperties": true
  }
}
```
LOB IT teams manage runtime configurations and model validation parameters.
Adding Operational Metric Example:
```bash
curl -X POST http://localhost:8000/api/v1/runtime/schema \
  -H "Authorization: Bearer lob-token" \
  -H "Content-Type: application/json" \
  -d '{
    "modelVersion": "v2.1.0",
    "validationParameters": {
      "minBatchSize": 32,
      "maxLatencyMs": 100
    },
    "operational_metric": "inference_throughput",
    "reason": "Adding throughput monitoring for batch processing"
  }'
```
(Successful responses will be similar to the enterprise update, showing "Runtime schema updated" and the updated_schema for "runtime" including the new operational_metric field.)
Application teams manage custom integrations and business metrics.
Adding Custom Metrics Example:
```bash
curl -X POST http://localhost:8000/api/v1/integrations/schema \
  -H "Authorization: Bearer app-token" \
  -H "Content-Type: application/json" \
  -d '{
    "customThresholds": {
      "accuracy": 0.95,
      "latency_p99": 250
    },
    "businessMetric": "revenue",
    "callbackUrl": "https://app-endpoint/callback",
    "reason": "Adding latency monitoring for SLA compliance"
  }'
```
(Successful responses will show "Integration schema updated" and the updated_schema for "integration" including the new callbackUrl field.)
View the history of changes for any schema type (enterprise, runtime, or integration). This is vital for compliance and tracking configuration evolution.
Example Request:
```bash
curl -X GET http://localhost:8000/api/v1/audit/enterprise \
  -H "Authorization: Bearer enterprise-token"
```
<details>
<summary><strong>📋 Example Response</strong></summary>

```json
{
  "changes": [
    {
      "timestamp": "2024-02-13T14:30:00Z",
      "schema_type": "enterprise",
      "author": "enterprise-enterprise",
      "change": {
        "name": "gpu-inference",
        "targetMetric": "gpu_utilization",
        "dataClassification": "Restricted",
        "quickAlertHeuristic": {
          "threshold": 0.85,
          "window": "5m"
        },
        "gpu_config": {
          "type": "A100",
          "memory": "80GB"
        },
        "reason": "Production scale-up for high-throughput inference",
        "author": "enterprise-enterprise",
        "timestamp": "2024-02-13T14:30:00Z"
      }
    }
    // ... other historical changes for 'enterprise' schema
  ]
}
```
</details>

📜 Schema Evolution Rules
- Required Fields (must be present in the request body for the respective schema type, unless already defined and not being changed):
  - Enterprise: name, targetMetric, dataClassification, quickAlertHeuristic
  - LOB IT: modelVersion, validationParameters
  - App Teams: customThresholds, businessMetric
- All Changes Require:
  - reason: A string explaining the purpose of the change (optional for GET).
  - Appropriate role authorization (validated via token).
  - The request body must validate against the current base schema structure for required fields and their types.
- New Fields:
  - If additionalProperties is true in the base schema (which it is for all defined schemas), new fields can be added.
  - The API infers the type of new fields (e.g., string, number, object) based on the provided value.
  - These new fields are then incorporated into the schema definition for future validations.
  - New fields cannot override the type or structure of existing, defined fields in base_schemas.

Common error responses include:
<details>
<summary><strong>📋 Access Denied (403 Forbidden)</strong></summary>

```json
{
  "detail": "Enterprise access required"
}
```
</details>
<details>
<summary><strong>📋 Invalid Token (401 Unauthorized)</strong></summary>

```json
{
  "detail": "Invalid token"
}
```
</details>
<details>
<summary><strong>📋 Validation Error (400 Bad Request)</strong></summary>

```json
{
  "detail": "[ErrorDetail(message=\"'reason' is a required property\", ...)]"
}
```
(Actual jsonschema error message might be more verbose)
</details>
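The schema evolution rules and the error responses above, worked through as an added example (this is not the project's LoggingAPI.py). The base schemas, the token-to-schema mapping and the error strings are constructed to mirror the documentation; only the enterprise schema carries typed properties, and 401/403 are checked before the body so an unauthorised caller learns nothing about the schema.

```python
import copy

# Constructed base schemas (not the project's base_schemas): enterprise mirrors the example
# response above; runtime and integration carry only the required fields from the rules.
BASE_SCHEMAS = {
    "enterprise": {
        "required": ["name", "targetMetric", "dataClassification", "quickAlertHeuristic"],
        "properties": {
            "name": {"type": "string"},
            "targetMetric": {"type": "string"},
            "dataClassification": {"type": "string",
                                   "enum": ["Public", "Internal", "Confidential", "Restricted"]},
            "reason": {"type": "string"},
        },
        "additionalProperties": True,
    },
    "runtime": {"required": ["modelVersion", "validationParameters"], "properties": {}, "additionalProperties": True},
    "integration": {"required": ["customThresholds", "businessMetric"], "properties": {}, "additionalProperties": True},
}
# Token -> schema type that role may change (hypothetical stand-in for get_current_role)
ROLE_TOKENS = {"enterprise-token": "enterprise", "lob-token": "runtime", "app-token": "integration"}
JSON_TYPES = {bool: "boolean", int: "number", float: "number", str: "string", list: "array", dict: "object"}


def infer_type(value) -> str:
    """Schema type the API infers for a new field; exact-type lookup keeps bool out of number."""
    return JSON_TYPES.get(type(value), "null")


def apply_change(schema_type: str, token: str, body: dict) -> tuple:
    """Validate a POST body against the rules; return (status, error detail or evolved schema)."""
    if token not in ROLE_TOKENS:
        return 401, "Invalid token"
    if ROLE_TOKENS[token] != schema_type:
        return 403, f"{schema_type.capitalize()} access required"
    schema = copy.deepcopy(BASE_SCHEMAS[schema_type])    # never mutate the shared base
    props = schema["properties"]
    for field in ["reason"] + schema["required"]:        # reason is mandatory on every change
        if field not in body:
            return 400, f"'{field}' is a required property"
    for key, value in body.items():
        if key in props:                                  # defined field: type and enum are fixed
            if infer_type(value) != props[key]["type"]:
                return 400, f"'{key}' must be of type {props[key]['type']}"
            if value not in props[key].get("enum", [value]):
                return 400, f"'{key}' is not one of {props[key]['enum']}"
        elif schema["additionalProperties"]:              # new field: infer type, fold into schema
            props[key] = {"type": infer_type(value)}
        else:
            return 400, f"Additional property '{key}' is not allowed"
    return 200, schema
```

The returned schema is the evolved copy that later requests would be validated against; the shared base is left untouched so a rejected or partially applied change never leaks into it.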
- Compliance: Meet regulatory requirements with audit trails
- Security: Detect and mitigate novel AI-specific threats
- Operational: Faster incident response with clear accountability
- Define your Tools & Sensitivity (tool_invocation.log)
- Create a use case registry entry (use_case_registry.json)
- Generate your system breadcrumb (system_breadcrumb.txt)
- Attach breadcrumb ID to all Sensitive Tool Invocation logs; log to the API
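The steps above, from breadcrumb generation to anchored tool-invocation logs, as an added example that is not part of the project's code. It reuses the same canonicalisation as generate_breadcrumb.py and adds the check a reviewer of tool_invocation.log wants: which sensitive-tool entries no longer match the registry they claim to belong to. The registry contents, the `sensitive_tools` key and the log entry layout are constructed for this example.

```python
import datetime
import hashlib
import json

# Constructed sample registry; the real use_case_registry.json is deployment-specific.
SAMPLE_REGISTRY = {
    "use_case": "invoice-triage-assistant",
    "owner": "app-team-finance",
    "data_classification": "Confidential",
    "sensitive_tools": ["send_email", "query_ledger"],
}


def breadcrumb_of(registry: dict) -> str:
    """Same canonicalisation as generate_breadcrumb.py: sorted keys, UTF-8, SHA-256 hex."""
    encoded = json.dumps(registry, sort_keys=True).encode("utf-8")
    return hashlib.sha256(encoded).hexdigest()


def log_tool_invocation(log: list, registry: dict, breadcrumb: str, tool: str) -> dict:
    """Append a tool_invocation.log entry; sensitive tools must carry the breadcrumb anchor."""
    entry = {
        "timestamp": datetime.datetime.now(datetime.timezone.utc).isoformat(),
        "tool": tool,
        "sensitive": tool in registry.get("sensitive_tools", []),
    }
    if entry["sensitive"]:
        entry["system_breadcrumb"] = breadcrumb
    log.append(entry)
    return entry


def find_unanchored(log: list, registry: dict) -> list:
    """Sensitive-tool entries whose breadcrumb is missing or differs from the current
    registry hash: either the registry drifted after they were written, or the entries
    came from another deployment (or were never anchored) and should not be trusted."""
    expected = breadcrumb_of(registry)
    return [e for e in log
            if e.get("sensitive") and e.get("system_breadcrumb") != expected]
```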
- Original Architecture Overview
- Detailed Architecture
- Annotated Architecture
- LLMs and Observability (Video)