Evaldas Jocys edited this page Mar 30, 2024 · 18 revisions

Rethinking AI Integration

This application is built on the idea that Artificial Intelligence (AI) should be viewed as a crew member rather than a simple tool, because the power of AI lies not only in telling or consulting but in actually doing and achieving. This perspective demands that security measures focus on the AI itself, not just on the application it is part of. Imagine hiring a person to operate a piece of heavy machinery: you evaluate and trust the operator, not just the machinery. The same principle applies to AI.

AI Access and Execution Levels

In the realm of application development, artificial intelligence (AI) is increasingly integrated not just as a tool but as an essential component capable of performing tasks similar to a human. It's crucial to use AI that has been thoroughly verified and trusted, especially since it might have varying permissions, ranging from restricted to full access akin to a human user.

Modern robots operated by AI are no longer science fiction. These robots have access to capabilities similar to those of humans, so the security concepts applied to them must be the same as those applied to intelligent, autonomous beings such as humans.

  • Sci-Fi: Star Trek: Data and Jean-Luc Picard

  • Sci-Fi: The Orville: Isaac and Captain Ed Mercer

  • Real Life: Elon Musk as Tesla Optimus

Overview

The application provides AI with varied access levels, from zero permissions to having the same full permissions that a human user has.

Manage access risk level

Risk Level

The Risk Level categorizes the types of access and capabilities AI can have:

  • Unknown: Indicates an AI with access or capabilities that are not specified or identified.

  • None (Read Internal): AI is limited to only reading data within the application.

  • Low (Write Internal): AI can alter or add to data within the application.

  • Medium (Read External): AI has the ability to read data from external sources outside the application.

  • High (Write External): AI can change data in external sources outside of the application.

  • Critical (Full Access): AI gains full access, on par with a human user, capable of running applications and scripts.

The creation of the Risk Level framework for applications highlights the necessity for a deliberate and secure method to integrate AI. By setting clear permissions and access levels, developers can ensure that AI functions within its designated scope, protecting both the application and its data. As AI's role in applications becomes increasingly sophisticated, adhering to the Risk Level principles is crucial for maintaining trust and reliability in AI-based systems.
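One way to enforce the Risk Level list as a ceiling on what an AI may call, shown as an added example that is not the application's own code. The tool names in `TOOL_RISK`, the numeric ordering of the levels, and the choice to deny anything classified Unknown are assumptions made for illustration.

```python
from dataclasses import dataclass
from enum import IntEnum


class RiskLevel(IntEnum):
    # Names follow the page's list; the cumulative numeric order is an assumption.
    UNKNOWN = -1   # not specified or identified
    NONE = 0       # Read Internal
    LOW = 1        # Write Internal
    MEDIUM = 2     # Read External
    HIGH = 3       # Write External
    CRITICAL = 4   # Full Access


# Hypothetical tool catalogue: each callable is tagged with the level it needs.
TOOL_RISK = {
    "read_document": RiskLevel.NONE,
    "edit_document": RiskLevel.LOW,
    "fetch_url": RiskLevel.MEDIUM,
    "send_email": RiskLevel.HIGH,
    "run_script": RiskLevel.CRITICAL,
}


@dataclass(frozen=True)
class Decision:
    tool: str
    required: RiskLevel
    allowed: bool
    reason: str


def authorize(tool: str, max_risk: RiskLevel) -> Decision:
    """Allow a call only if its level is known and within the configured ceiling."""
    required = TOOL_RISK.get(tool, RiskLevel.UNKNOWN)
    if max_risk == RiskLevel.UNKNOWN:
        return Decision(tool, required, False, "ceiling not configured")
    if required == RiskLevel.UNKNOWN:
        return Decision(tool, required, False, "tool is unclassified")
    if required > max_risk:
        reason = f"requires {required.name}, ceiling is {max_risk.name}"
        return Decision(tool, required, False, reason)
    return Decision(tool, required, True, "within ceiling")


def review_plan(calls, max_risk):
    """Check every call the AI proposes; return (allowed, denied) for the audit log."""
    decisions = [authorize(tool, max_risk) for tool in calls]
    return ([d for d in decisions if d.allowed],
            [d for d in decisions if not d.allowed])
```

Because an unclassified tool is denied even at a Critical ceiling, a newly added capability stays unavailable to the AI until someone assigns it a level.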
