HITRUST CSF requirement statement [?] (09.09sAISecOrganizational.1)
Communication channels between the AI model and the interface responsible for
displaying the AI model's outputs (e.g., the AI application interface) are
(1) encrypted using secure protocols (e.g., TLS).- Evaluative elements in this requirement statement [?]
-
1. Communication channels between the AI model and the interface responsible for displaying the AI model outputs (e.g., the AI application interface) are encrypted using secure protocols (e.g., TLS).
- Illustrative procedures for use during assessments [?]
- Policy: Examine policies related to each evaluative element within the requirement statement. Validate the existence of a written or undocumented policy as defined in the HITRUST scoring rubric.
- Procedure: Examine evidence that written or undocumented procedures exist as defined in the HITRUST scoring rubric. Determine if the procedures and address the operational aspects of how to perform each evaluative element within the requirement statement.
- Implemented: Examine evidence that all evaluative elements within the requirement statement have been implemented as defined in the HITRUST scoring rubric, using a sample based test where possible for each evaluative element. Example test(s):
- For example, review configurations to confirm communication channel(s) between the AI model and the interface responsible for displaying the AI model’s outputs (e.g., the AI application interface) are encrypted using secure protocols (e.g., TLS).
- For example, review configurations to confirm communication channel(s) between the AI model and the interface responsible for displaying the AI model’s outputs (e.g., the AI application interface) are encrypted using secure protocols (e.g., TLS).
- Measured: Examine measurements that formally evaluate and communicate the operation and/or performance of each evaluative element within the requirement statement. Determine the percentage of evaluative elements addressed by the organization’s operational and/or independent measure(s) or metric(s) as defined in the HITRUST scoring rubric. Determine if the measurements include independent and/or operational measure(s) or metric(s) as defined in the HITRUST scoring rubric. Example test(s):
- For example, measures indicate the number of communication channels between AI models and AI application interfaces are encrypted of the total amount of such interfaces. Reviews, tests, or audits are completed by the organization to measure the effectiveness of the implemented controls and to confirm that all communication channels on the AI model are encrypted using secure protocols (e.g., TLS).
- For example, measures indicate the number of communication channels between AI models and AI application interfaces are encrypted of the total amount of such interfaces. Reviews, tests, or audits are completed by the organization to measure the effectiveness of the implemented controls and to confirm that all communication channels on the AI model are encrypted using secure protocols (e.g., TLS).
- Managed: Examine evidence that a written or undocumented risk treatment process exists, as defined in the HITRUST scoring rubric. Determine the frequency that the risk treatment process was applied to issues identified for each evaluative element within the requirement statement.
- Policy: Examine policies related to each evaluative element within the requirement statement. Validate the existence of a written or undocumented policy as defined in the HITRUST scoring rubric.
- Placement of this requirement in the HITRUST CSF [?]
- Assessment domain: 09 Transmission Protection
- Control category: 09.0 – Communications and Operations Management
- Control reference: 09.s Information Exchange Policies and Procedures
- Specific to which parts of the overall AI system? [?]
-
AI platform layer
- The AI platform and associated APIs (Considered in the underlying HITRUST e1, i1, or r2 assessment)
- Discussed in which authoritative AI security sources? [?]
-
- OWASP Machine Learning Security Top 10
2023, © The OWASP Foundation- Where:
- ML09:2023 Output integrity attack > How to prevent > Bullet #2
- ML09:2023 Output integrity attack > How to prevent > Bullet #2
- Where:
- OWASP AI Exchange
2024, © The OWASP Foundation
- Deploying AI Systems Securely: Best Practices for Deploying Secure and Resilient AI Systems
Apr 2024, National Security Agency (NSA)- Where:
- Continuously protect the AI system > Secure exposed APIs > Bullet #1
- Continuously protect the AI system > Secure exposed APIs > Bullet #1
- Where:
- Securing Machine Learning Algorithms
2021, © European Union Agency for Cybersecurity (ENISA)- Where:
- 4.1- Security Controls > Organizational > Ensure ML applications comply with data security requirements
- 4.1- Security Controls > Organizational > Ensure ML applications comply with data security requirements
- Where:
- OWASP Machine Learning Security Top 10
- Discussed in which commercial AI security sources? [?]
-
- Databricks AI Security Framework
Sept. 2024, © Databricks- Where:
- Control DASF 9: Encrypt data in transit
- Control DASF 46: Store and retrieve embeddings securely
- Where:
- Snowflake AI Security Framework
2024, © Snowflake Inc.- Where:
- Model stealing > Mitigations > Secure model deployment
- Multitenancy in ML environments > Mitigations > Data encryption
- Exposure of sensitive inferential inputs > Mitigations > Proper configuration of encryption in transit
- Exposure of sensitive inferential inputs > Mitigations > Secure communication channels
- Attacks on the infrastructure hosting AI services > Mitigations > Data encryption
- Where:
- Databricks AI Security Framework
- Control functions against which AI security threats? [?]
-
- Control function: Preventative
- Additional information
-
- Q: When will this requirement included in an assessment? [?]
- This requirement will always be added to HITRUST assessments which include the
Security for AI systemsregulatory factor. - No other assessment tailoring factors affect this requirement.
- This requirement will always be added to HITRUST assessments which include the
- Q: When will this requirement included in an assessment? [?]