AIShield GuArdIan: Guardrails for Secure GenAI Utilization

Recent years have witnessed the unmatched capabilities of Large Language Models (LLMs) and generative AI. However, their enterprise use has exposed potential threats ranging from Intellectual Property Infringement, copyright violations, data privacy, harmful content to security vulnerabilities. Addressing these risks head-on is crucial for fostering trust and ensuring safe and responsible AI adoption.

AIShield GuArdIan, a tool integrated with the Amazon Web Services (AWS) ecosystem, meticulously oversees inbound and outbound data from LLMs, ensuring alignment with predefined policies. Through its dynamic policy mapping, jailbreak protection, and easy integration features, GuArdIan offers a robust shield against potential AI risks and bolsters Responsible AI values such as privacy, security, robustness, and governance.

Generative AI models may help consumers, streamline organizational processes, and free up time for employees to take on higher-value organizational tasks. However, risks to privacy, cybersecurity, regulatory compliance, third-party relationships, legal obligations, and intellectual property have already emerged with the adoption of generative AI. The top risks associated to the enterprise use of LLMs according to OWASP include Intellectual Property (IP) Infringement, data privacy breaches, plagiarism, toxicity, and a general increase of enterprises’ attack surface. Organizations worldwide are grappling with the growing significance of mitigating risks associated with use of LLMs and the imperative of safe and compliant generative AI adoption.

AIShield GuArdIan addresses risks by acting as a secure bridge between the user application and the large language model, analyzing input/output, enforcing role-based policies, and safeguarding against legal, policy, and usage violations. It provides vital protection for the human experience with generative AI systems, enhancing security and compliance.

The engineering and functionality of AIShield GuArdIan are closely aligned with its intended use, which is to enable enterprises and communities to leverage generative AI while managing associated risks. The product's distinct features and processes improve sensitive data protection, ethical, legal, and regulatory compliance.

AIShield GuArdIan improves the secure utilization of generative AI and LLMs through key components:

1. Guardrails and Policy Enforcement: AIShield GuArdIan includes a set of guardrails that define rules, policies, and ethical guidelines for generative AI usage. These guardrails are designed to prevent risks such as IP infringement, data privacy breaches, and security vulnerabilities. The product enforces these policies in real-time to comply with standards and organizational guidelines.

2. Dynamic Policy Mapping and Enforcement: Inspired by Identity-Access Management (IAM) Systems, AIShield GuArdIan controls LLM Usage policies based on User-Role. Dynamic mapping enforces contextual policies for users' roles, queries, and responses. Upon user query, relevant policy control is retrieved for moderation. Admins adjust policy controls within a single configuration, empowering varied users with role-aligned outputs.

3. Jailbreak Protection: AIShield GuArdIan employs algorithms to prevent unauthorized manipulation or jailbreaking of the AI system. It detects and thwarts jailbreak attempts with a significant effectiveness boost, preserving system integrity against malicious exploitation.

AIShield GuArdIan resides within an enterprise's Virtual Private Cloud (VPC) in a dedicated private subnet, leveraging advanced architecture within the AWS ecosystem. Its primary function is to meticulously oversee both inbound data streams and resulting outputs, rigorously ensuring strict adherence to predefined policies. When incoming data aligns with these guidelines, GuArdIan interfaces directly with the Amazon Bedrock service, providing access to a comprehensive suite of LLMs. Importantly, GuArdIan's vigilance extends beyond this initial interaction. It continuously scrutinizes LLM outputs, actively searching for any policy deviations. When discrepancies are detected, GuArdIan initiates immediate intervention.

There are mainly two components of AIShield GuArdIan:

1. GuArdIan Core Service: This component is hosted on GPU-powered VMs to leverage the computational power required for machine learning tasks. The Core Service houses the custom AIShield GuArdIan LLM models, complemented by proprietary AIShield GuArdIan machine learning models. Its primary role is to scrutinize and validate incoming prompts and the output produced by LLM models, ensuring alignment with user-defined GuArdIan Policies.

2. GuArdIan Service: This service operates on a CPU-powered Virtual Machine (VM) equipped with Docker. It orchestrates the management of GuArdIan policies, aligns these policies with specific roles, and processes the outcomes determined by these policies.

GuArdIan is designed to address three main areas of risk: input/output management by filtering data, improving data protection and privacy with a need-to-know basis approach, and enhancing cybersecurity to guard against malicious behavior. AIShield GuArdIan provides a set of practical features supporting the usage of trustworthy and responsible generative AI at enterprise-level, for example:

• Policy enforcement: The solution offers predefined policies for content moderation (protection against harmful content, gender and racial bias, not-safe-for-work filtering), privacy protection (detection and blocking PII leaks), and security (jailbreak protection). You can easily activate these policies or create custom ones.
• Domain- and organization-specific controls: Alongside generic policies, you can set specific rules for different sectors. For customized deployments, the solution is also capable of ingesting organizational policy documents for specialized controls. It uses transfer learning to adapt to different domains, making it capable of addressing industry-specific requirements, such as healthcare, finance, and software development.
• Dynamic policy mapping: Inspired by Identity-Access Management (IAM) Systems, AIShield GuArdIan controls LLM Usage policies based on User-Role. Dynamic mapping enforces contextual policies for users' roles, queries, and responses. Upon user query, relevant policy control is retrieved for moderation.
• Easy integration: Its readymade Python-SDK facilitate effortless application integration with diverse LLMs and deployments such as Amazon Bedrock and other third-party services. Dynamic policy enforcement adapts to each user input, providing horizontal implementation of security measures.
• Reasoning and observability: The system provides clear alerts and detailed explanations for query decisions. GuArdIan’s logging functionality is useful for compliance audits.
• Real-time monitoring: This functionality empowers organizations to track compliance, identify potential threats, and take immediate action to mitigate risks.

AIShield's GuArdIan is a comprehensive solution designed to help with the responsible and secure use of generative AI. By strategically aligning with best practices in responsible AI domains, GuArdIan offers a suite of features that range from dynamic policy enforcement to real-time monitoring. With its focus on governance, compliance, and risk management, GuArdIan enforces policies in real-time, improving data privacy, security, and robustness. In essence, AIShield's GuArdIan is an enterprise-level solution that champions the integration of ethical guidelines and practical utility in AI deployments, helps ensure they are responsible, safe, and compliant.

Generative AI's transformative promise is shadowed by risks. AIShield GuArdIan stands sentinel, helping to fortify generative AI and LLMs, shielding against ethical dilemmas, misinformation, IP theft, and vulnerabilities. Rapid generative AI advances are reshaping industries from healthcare to infrastructure, mobility, environment, and beyond. Amid innovation's allure lie potential challenges; ethical quandaries, IP violations, and data breaches impacting diverse dimensions of security. AIShield GuArdIan tempers innovation with protection, yielding accurate medical insights, curbing ethical and misinformation hazards, helping ensure secure coding.

A top-tier software giant sought to deploy a generative AI and LLM-driven internal chatbot, tapping into its vast internal document database to aid global employees in tasks like coding, data analysis, and support. Aware of inherent risks, the firm's cybersecurity team, backed by IT/Data Security and legal units, aimed for a robust risk mitigation strategy. Turning to AIShield, they utilized GuArdIan's features for a risk assessment.

AIShield team conducted an initial assessment of information leak and copyright infringement risks related to the selected LLM model, identified, and enabled the mitigation step from GuArdIan’s feature matrix, and ultimately deployed and evaluated GuArdIan’s performance with the selected chatbot. AIShield GuArdIan was easily deployed with Amazon Bedrock and demonstrated a significant enhancement in warding off jailbreak attack attempts compared to standard LLM content filters. This translated to substantial risk reduction of IP and copyright infringement leaks, increasing the security and efficiency of the company's internal productivity chatbot and enabling its widespread use among employees to enhance their productivity and efficiency.

A leading hospital deployed a generative AI-powered chatbot for staff productivity, while ensuring data privacy. The challenge: different access levels for doctors and auditors. With AIShield’s GuArdIan, role-specific data access was set—doctors saw specialized or curated surgical lists and medical recommendations, while auditors, administrators and compliance officers accessed broader data.

AIShield GuArdIan's Python-SDK ensured a seamless chatbot integration while improving application security. It was able to ingest domain- and organization specific policies. Using the 3x3 framework, policies were mapped effortlessly for enforcing role-based control. GuArdIan’s dynamic enforcement and textual violation support further fortified the system. The result: a precise balance of accessibility and privacy in the chatbot, enabling a more secure generative AI application.