Skip to main content

AIShield GuArdIan: Guardrails for Secure GenAI Utilization

Responsible AI Partner Showcase @ Re: Invent | AWS GenAI COE

Dynamic header image showcasing AIShield GuArdIan, the innovative AI security tool, symbolizing its role in protecting and enhancing responsible use of generative AI within the enterprise sector.

Synopsis

Recent years have witnessed the unmatched capabilities of Large Language Models (LLMs) and generative AI. However, their enterprise use has exposed potential threats ranging from Intellectual Property Infringement, copyright violations, data privacy, harmful content to security vulnerabilities. Addressing these risks head-on is crucial for fostering trust and ensuring safe and responsible AI adoption.

AIShield GuArdIan, a tool integrated with the Amazon Web Services (AWS) ecosystem, meticulously oversees inbound and outbound data from LLMs, ensuring alignment with predefined policies. Through its dynamic policy mapping, jailbreak protection, and easy integration features, GuArdIan offers a robust shield against potential AI risks and bolsters Responsible AI values such as privacy, security, robustness, and governance.

Problem Statement

Generative AI models may help consumers, streamline organizational processes, and free up time for employees to take on higher-value organizational tasks. However, risks to privacy, cybersecurity, regulatory compliance, third-party relationships, legal obligations, and intellectual property have already emerged with the adoption of generative AI. The top risks associated to the enterprise use of LLMs according to OWASP include Intellectual Property (IP) Infringement, data privacy breaches, plagiarism, toxicity, and a general increase of enterprises’ attack surface. Organizations worldwide are grappling with the growing significance of mitigating risks associated with use of LLMs and the imperative of safe and compliant generative AI adoption.

Product Overview

AIShield GuArdIan addresses risks by acting as a secure bridge between the user application and the large language model, analyzing input/output, enforcing role-based policies, and safeguarding against legal, policy, and usage violations. It provides vital protection for the human experience with generative AI systems, enhancing security and compliance.

Illustration of AIShield GuArdIan bridging the gap between user applications and Large Language Models within the Amazon Bedrock ecosystem.
Figure 1 – AIShield GuArdIan as the bridge between user application and LLM (Amazon Bedrock)

Core Framework

The engineering and functionality of AIShield GuArdIan are closely aligned with its intended use, which is to enable enterprises and communities to leverage generative AI while managing associated risks. The product's distinct features and processes improve sensitive data protection, ethical, legal, and regulatory compliance.

AIShield GuArdIan improves the secure utilization of generative AI and LLMs through key components:

1. Guardrails and Policy Enforcement: AIShield GuArdIan includes a set of guardrails that define rules, policies, and ethical guidelines for generative AI usage. These guardrails are designed to prevent risks such as IP infringement, data privacy breaches, and security vulnerabilities. The product enforces these policies in real-time to comply with standards and organizational guidelines.

2. Dynamic Policy Mapping and Enforcement: Inspired by Identity-Access Management (IAM) Systems, AIShield GuArdIan controls LLM Usage policies based on User-Role. Dynamic mapping enforces contextual policies for users' roles, queries, and responses. Upon user query, relevant policy control is retrieved for moderation. Admins adjust policy controls within a single configuration, empowering varied users with role-aligned outputs.

3. Jailbreak Protection: AIShield GuArdIan employs algorithms to prevent unauthorized manipulation or jailbreaking of the AI system. It detects and thwarts jailbreak attempts with a significant effectiveness boost, preserving system integrity against malicious exploitation.

Engineering

AIShield GuArdIan resides within an enterprise's Virtual Private Cloud (VPC) in a dedicated private subnet, leveraging advanced architecture within the AWS ecosystem. Its primary function is to meticulously oversee both inbound data streams and resulting outputs, rigorously ensuring strict adherence to predefined policies. When incoming data aligns with these guidelines, GuArdIan interfaces directly with the Amazon Bedrock service, providing access to a comprehensive suite of LLMs. Importantly, GuArdIan's vigilance extends beyond this initial interaction. It continuously scrutinizes LLM outputs, actively searching for any policy deviations. When discrepancies are detected, GuArdIan initiates immediate intervention.

Diagram showing AIShield GuArdIan's integration within the Amazon Bedrock service, highlighting its role in data oversight and policy enforcement.
Figure 2 - AIShield GuArdIan integration with Amazon Bedrock

There are mainly two components of AIShield GuArdIan:

1. GuArdIan Core Service: This component is hosted on GPU-powered VMs to leverage the computational power required for machine learning tasks. The Core Service houses the custom AIShield GuArdIan LLM models, complemented by proprietary AIShield GuArdIan machine learning models. Its primary role is to scrutinize and validate incoming prompts and the output produced by LLM models, ensuring alignment with user-defined GuArdIan Policies.

2. GuArdIan Service: This service operates on a CPU-powered Virtual Machine (VM) equipped with Docker. It orchestrates the management of GuArdIan policies, aligns these policies with specific roles, and processes the outcomes determined by these policies.

Features

GuArdIan is designed to address three main areas of risk: input/output management by filtering data, improving data protection and privacy with a need-to-know basis approach, and enhancing cybersecurity to guard against malicious behavior. AIShield GuArdIan provides a set of practical features supporting the usage of trustworthy and responsible generative AI at enterprise-level, for example:

  • Policy enforcement: The solution offers predefined policies for content moderation (protection against harmful content, gender and racial bias, not-safe-for-work filtering), privacy protection (detection and blocking PII leaks), and security (jailbreak protection). You can easily activate these policies or create custom ones.
  • Domain- and organization-specific controls: Alongside generic policies, you can set specific rules for different sectors. For customized deployments, the solution is also capable of ingesting organizational policy documents for specialized controls. It uses transfer learning to adapt to different domains, making it capable of addressing industry-specific requirements, such as healthcare, finance, and software development.
  • Dynamic policy mapping: Inspired by Identity-Access Management (IAM) Systems, AIShield GuArdIan controls LLM Usage policies based on User-Role. Dynamic mapping enforces contextual policies for users' roles, queries, and responses. Upon user query, relevant policy control is retrieved for moderation.
  • Easy integration: Its readymade Python-SDK facilitate effortless application integration with diverse LLMs and deployments such as Amazon Bedrock and other third-party services. Dynamic policy enforcement adapts to each user input, providing horizontal implementation of security measures.
  • Reasoning and observability: The system provides clear alerts and detailed explanations for query decisions. GuArdIan’s logging functionality is useful for compliance audits.
  • Real-time monitoring: This functionality empowers organizations to track compliance, identify potential threats, and take immediate action to mitigate risks.

How GuArdIan Delivers Responsible AI Benefits

AIShield's GuArdIan is a comprehensive solution designed to help with the responsible and secure use of generative AI. By strategically aligning with best practices in responsible AI domains, GuArdIan offers a suite of features that range from dynamic policy enforcement to real-time monitoring. With its focus on governance, compliance, and risk management, GuArdIan enforces policies in real-time, improving data privacy, security, and robustness. In essence, AIShield's GuArdIan is an enterprise-level solution that champions the integration of ethical guidelines and practical utility in AI deployments, helps ensure they are responsible, safe, and compliant.

Control/Responsible Practices AIShield GuArdIan Features Summary
Control/Responsible Practices
Control
AIShield GuArdIan Features
Summary
Control/Responsible Practices
Governance
AIShield GuArdIan Features
  • Policy enforcement
  • Domain- and organization-specific controls
Summary
GuArdIan offers policy enforcement mechanisms that are adaptable to organizational guidelines. It also allows domain-specific customization to meet various industry needs.
Control/Responsible Practices
Compliance
AIShield GuArdIan Features
  • Reasoning and observability
  • Real-time monitoring
Summary
GuArdIan's logging and real-time monitoring features support compliance requirements and offer transparency for audits.
Control/Responsible Practices
Risk Management
AIShield GuArdIan Features
  • Jailbreak Protection
  • Guardrails and Policy Enforcement
Summary
GuArdIan provides guardrails and enforces ethical guidelines to mitigate risks.
Control/Responsible Practices
Responsible AI Principles
AIShield GuArdIan Features
Summary
Control/Responsible Practices
Security
AIShield GuArdIan Features
  • Jailbreak Protection
  • Domain and organization-specific controls
Summary
With algorithms to detect malicious activities, secure coding and enforce security guidelines, GuArdIan helps fortify GenAI systems against security threats.
Control/Responsible Practices
Privacy
AIShield GuArdIan Features
  • Policy enforcement
  • Domain and organization-specific controls
  • Real-time monitoring
Summary
GuArdIan's policies are designed to detect and block data leaks, copyright infringement, IP leaks helping ensure data protection in real-time.
Control/Responsible Practices
Robustness
AIShield GuArdIan Features
  • Dynamic policy mapping
  • Easy integration
Summary
GuArdIan's features adapt dynamically to user input and facilitate seamless integration, improving AI system robustness across varied deployment scenarios – industries and use cases.
Control/Responsible Practices
Interpretability & Explainability
AIShield GuArdIan Features
  • Reasoning and observability
Summary
GuArdIan provides clear explanations for its decisions, enhancing transparency and trustworthiness of its outputs.

Generative AI's transformative promise is shadowed by risks. AIShield GuArdIan stands sentinel, helping to fortify generative AI and LLMs, shielding against ethical dilemmas, misinformation, IP theft, and vulnerabilities. Rapid generative AI advances are reshaping industries from healthcare to infrastructure, mobility, environment, and beyond. Amid innovation's allure lie potential challenges; ethical quandaries, IP violations, and data breaches impacting diverse dimensions of security. AIShield GuArdIan tempers innovation with protection, yielding accurate medical insights, curbing ethical and misinformation hazards, helping ensure secure coding.

Customer Case Studies

Case Study 1: Mitigate IP infringement, data leaks and jailbreaking risks in an internal productivity chatbot at a software development company

A top-tier software giant sought to deploy a generative AI and LLM-driven internal chatbot, tapping into its vast internal document database to aid global employees in tasks like coding, data analysis, and support. Aware of inherent risks, the firm's cybersecurity team, backed by IT/Data Security and legal units, aimed for a robust risk mitigation strategy. Turning to AIShield, they utilized GuArdIan's features for a risk assessment.

AIShield team conducted an initial assessment of information leak and copyright infringement risks related to the selected LLM model, identified, and enabled the mitigation step from GuArdIan’s feature matrix, and ultimately deployed and evaluated GuArdIan’s performance with the selected chatbot. AIShield GuArdIan was easily deployed with Amazon Bedrock and demonstrated a significant enhancement in warding off jailbreak attack attempts compared to standard LLM content filters. This translated to substantial risk reduction of IP and copyright infringement leaks, increasing the security and efficiency of the company's internal productivity chatbot and enabling its widespread use among employees to enhance their productivity and efficiency.

AIShield GuArdIan in the GenAI Assisted Coding Use Case (Illustrative Prototype)
AIShield GuArdIan in the GenAI Assisted Coding Use Case (Illustrative Prototype)

Case Study 2: Role-Based Access Control in a Healthcare Chatbot

A leading hospital deployed a generative AI-powered chatbot for staff productivity, while ensuring data privacy. The challenge: different access levels for doctors and auditors. With AIShield’s GuArdIan, role-specific data access was set—doctors saw specialized or curated surgical lists and medical recommendations, while auditors, administrators and compliance officers accessed broader data.

AIShield GuArdIan's Python-SDK ensured a seamless chatbot integration while improving application security. It was able to ingest domain- and organization specific policies. Using the 3x3 framework, policies were mapped effortlessly for enforcing role-based control. GuArdIan’s dynamic enforcement and textual violation support further fortified the system. The result: a precise balance of accessibility and privacy in the chatbot, enabling a more secure generative AI application.

Prototype depiction of AIShield GuArdIan in a healthcare chatbot application, showcasing role-based access control and data privacy.
Figure 4 - AIShield GuArdIan in the Healthcare Chatbot Use Case (Illustrative Prototype)

AIShield & AWS Collaboration for Gen AI CoE