{"id":45100189,"url":"https://github.com/mikeprivette/ai-security-shared-responsibility","last_synced_at":"2026-03-04T16:00:48.720Z","repository":{"id":316704433,"uuid":"1059533381","full_name":"mikeprivette/ai-security-shared-responsibility","owner":"mikeprivette","description":"AI Security Shared Responsibility Model","archived":false,"fork":false,"pushed_at":"2025-09-26T06:36:25.000Z","size":38,"stargazers_count":36,"open_issues_count":0,"forks_count":5,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-09-26T08:31:24.683Z","etag":null,"topics":["ai","model","security"],"latest_commit_sha":null,"homepage":"https://returnonsecurity.com","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mikeprivette.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-09-18T15:14:36.000Z","updated_at":"2025-09-26T06:36:29.000Z","dependencies_parsed_at":"2025-09-26T08:31:27.045Z","dependency_job_id":"f983c8da-bf7a-48d0-938b-0bfe4138e748","html_url":"https://github.com/mikeprivette/ai-security-shared-responsibility","commit_stats":null,"previous_names":["mikeprivette/ai-security-shared-responsibility"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/mikeprivette/ai-security-shared-responsibility","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mikeprivette%2Fai-security-shared-responsibility","tags_url":"https://repos.ecosyste.ms/api/
v1/hosts/GitHub/repositories/mikeprivette%2Fai-security-shared-responsibility/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mikeprivette%2Fai-security-shared-responsibility/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mikeprivette%2Fai-security-shared-responsibility/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mikeprivette","download_url":"https://codeload.github.com/mikeprivette/ai-security-shared-responsibility/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mikeprivette%2Fai-security-shared-responsibility/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30085788,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-04T15:40:14.053Z","status":"ssl_error","status_checked_at":"2026-03-04T15:40:13.655Z","response_time":59,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai","model","security"],"created_at":"2026-02-19T20:00:35.051Z","updated_at":"2026-03-04T16:00:48.700Z","avatar_url":"https://github.com/mikeprivette.png","language":null,"funding_links":[],"categories":["Best Practices, Frameworks \u0026 Controls"],"sub_categories":["Governance \u0026 Management Frameworks"],"readme":"\u003cdiv align=\"center\"\u003e\n\n\u003cimg src=\"./resources/images/AI Shared Responsibility Model.png\" 
alt=\"AI Security Shared Responsibility Model Matrix\" width=\"800\"/\u003e\n\n# AI Security Shared Responsibility Model\n\n![Static Badge](https://img.shields.io/badge/mission-Clarify_AI_Security_Ownership-8B5CF6)\n[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)\n[![Version](https://img.shields.io/badge/Version-1.1.0-blue.svg)](https://github.com/mikeprivette/ai-security-shared-responsibility/releases)\n\n### Clear security ownership for every AI deployment model\n\n**[Quick Start](#quick-start) • [Framework](#the-framework) • [Deployment Models](#8-deployment-models) • [Security Domains](#16-security-domains) • [About](#about)**\n\n\u003c/div\u003e\n\n---\n\n## The Problem\n\nAI is transforming industries at an unprecedented pace, but security ownership remains unclear. Organizations deploying AI systems—from simple ChatGPT usage to complex custom models—lack clarity on who's responsible for what.\n\nThis gap creates risk. Without clear ownership boundaries, critical security tasks fall through the cracks. Data governance, model security, and compliance requirements become nobody's responsibility—until something goes wrong.\n\nThe shared responsibility model solved this for cloud computing. Now AI needs the same clarity.\n\n## What This Is\n\nA framework for understanding security responsibilities across AI deployments. 
Like cloud computing's shared responsibility model, this framework maps who owns what across **8 deployment models** and **16 security domains**.\n\nWhether you're using ChatGPT, building custom models, or deploying autonomous agents, this framework shows exactly what you're responsible for—and what your providers handle.\n\n## Quick Start\n\n\u003cdiv align=\"center\"\u003e\n\n| **If you are a...** | **Start here** | **Focus on** |\n|:---:|:---:|:---|\n| **Security Leader** | [Responsibility Matrix](framework/responsibility-matrix.md) | Understanding your obligations across all AI initiatives |\n| **AI Practitioner** | [Deployment Models](framework/deployment-models.md) | Identifying which model fits your use case |\n| **Architect** | [Security Domains](framework/security-domains.md) | Comprehensive security coverage areas |\n| **Getting Started** | [This Section](#getting-started) | Step-by-step implementation guide |\n\n\u003c/div\u003e\n\n## Why This Framework vs Others\n\nThink of this as your **Day 1 framework**—what you need before diving into technical specifications.\n\n| **Framework** | **Best For** | **When to Use** | **Limitation** |\n|:---|:---|:---|:---|\n| **🎯 This Framework** | Initial alignment \u0026 planning | Before deployment decisions | Less technical depth |\n| **NIST AI RMF** | Comprehensive risk management | Mature AI programs | Assumes AI maturity |\n| **CSA Models** | Cloud-specific implementations | Azure/AWS deployments | Too narrow for full AI landscape |\n| **Microsoft Approach** | Azure ecosystem | Technical implementation | Vendor-specific |\n\nOther frameworks assume you already know your deployment model and have organizational alignment. 
This framework helps you **build that alignment first**.\n\n## The Framework\n\n### Core Components\n\n\u003cdiv align=\"center\"\u003e\n\n| **Component** | **What It Covers** | **Key Insight** |\n|:---:|:---|:---|\n| **[8 Deployment Models](framework/deployment-models.md)** | From SaaS to on-premises, agents to assistants | Each model has distinct security boundaries |\n| **[16 Security Domains](framework/security-domains.md)** | Traditional + AI-specific (marked with ★) | New domains like agent governance are critical now |\n| **[Responsibility Matrix](framework/responsibility-matrix.md)** | Complete 8x16 mapping | Visual guide to all responsibilities |\n\n\u003c/div\u003e\n\n### Key Principles\n\n- **No deployment is responsibility-free** - Even SaaS requires customer security efforts\n- **Control = Responsibility** - More control means more security obligations\n- **Shared requires coordination** - Both parties must fulfill their parts\n- **New domains matter now** - Agent governance isn't a future problem\n\n## Getting Started\n\n1. **📍 Identify** your AI deployment model(s) using the [deployment models guide](framework/deployment-models.md)\n2. **✅ Check** the [responsibility matrix](framework/responsibility-matrix.md) for your obligations\n3. **📋 Review** the [security domains](framework/security-domains.md) to understand coverage areas\n4. **🎯 Plan** improvements based on identified gaps\n\n## 8 Deployment Models\n\nComprehensive coverage from simple SaaS to complex autonomous systems:\n\n### Cloud-Based Models\n1. **SaaS AI Models** - ChatGPT, Claude, Gemini (Public \u0026 Private)\n2. **PaaS AI Models** - Azure OpenAI, AWS Bedrock, Google AI Platform\n3. **IaaS AI Models** - Custom models on cloud infrastructure\n\n### Self-Managed \u0026 Specialized\n4. **On-Premises AI Models** - Local LLMs, air-gapped systems\n5. **SaaS Products with Embedded AI** - Salesforce Einstein, MS Copilot\n6. **Agentic AI Systems** - Autonomous multi-agent configurations\n7. 
**AI Coding Assistants** - GitHub Copilot, Cursor, Claude Code\n8. **MCP-Based Systems** - Persistent memory \u0026 context systems\n\n[→ Full deployment models guide](framework/deployment-models.md)\n\n## 16 Security Domains\n\nComprehensive coverage across traditional and emerging AI security areas:\n\n**Traditional Domains (1-12)**\n- Application Security\n- AI Ethics and Safety\n- Model Security\n- User Access Control\n- Data Privacy\n- Data Security\n- Monitoring and Logging\n- Compliance and Governance\n- Supply Chain Security\n- Network Security\n- Infrastructure Security\n- Incident Response\n\n**Emerging AI Domains (13-16)** ★\n- **Agent Governance** - Control of autonomous AI agents\n- **Code Generation Security** - AI-generated code protection\n- **Context Pollution Protection** - Preventing false information injection\n- **Multi-System Integration Security** - Cross-system AI orchestration\n\n[→ Full security domains guide](framework/security-domains.md)\n\nSecuring an AI system is a multi-faceted challenge that requires attention to various domains and usage states. As the deployment models evolve, so too will these focus areas.\n\n## Contributing\n\nThis framework improves with real-world input. Looking for:\n- Implementation experiences\n- Framework improvements\n- Templates and tools\n\nSee [CONTRIBUTING.md](CONTRIBUTING.md) for details or open an issue to start a discussion.\n\n## Evolution\n\n- **August 2024**: [Original framework published](https://www.returnonsecurity.com/p/ai-security-shared-responsibility-model-navigating-risks-ai-deployment)\n- **September 2025**: Expanded to 8 models and 16 domains, open sourced\n\nThe framework has grown from 4 to 8 deployment models and added 4 emerging security domains based on how AI security has evolved over the past year.\n\n## About\n\nCreated by [Mike Privette](https://www.linkedin.com/in/mikeprivette/), founder of [Return on Security](https://returnonsecurity.com).\n\nQuestions? 
Open an issue to start a discussion.\n\n## License\n\nMIT - See [LICENSE](LICENSE) file.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmikeprivette%2Fai-security-shared-responsibility","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmikeprivette%2Fai-security-shared-responsibility","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmikeprivette%2Fai-security-shared-responsibility/lists"}