Securing LLM Backed Systems: Essential Authorization Practices

The permanent and official location for the AI Technology and Risk Working Group is https://cloudsecurityalliance.org/research/working-groups/ai-technology-and-risk

2024 Cloud Security Alliance. All Rights Reserved. You may download, store, display on your computer, view, print, and link to the Cloud Security Alliance at https://cloudsecurityalliance.org subject to the following: (a) the draft may be used solely for your personal, informational, noncommercial use; (b) the draft may not be modified or altered in any way; (c) the draft may not be redistributed; and (d) the trademark, copyright or other notices may not be removed. You may quote portions of the draft as permitted by the Fair Use provisions of the United States Copyright Act, provided that you attribute the portions to the Cloud Security Alliance.

Copyright 2024, Cloud Security Alliance. All rights reserved.

Acknowledgments

Lead Authors
Nate Lee
Laura Voicu

Contributors
Bhuvaneswari Selvadurai
Damin Hasse
Erik Hajnal
Jason Garman
John Jiang
Malte Højmark-Bertelsen
Michael Roza
Prathibha Muraleedhara
Tim Michaud

Reviewers
Arsalan Khan
Akhil Mittal
Adam Lundqvist
Alex Rebo
Amity Fox
Dan Gora
Gaurav Puri
Ilango Allikuzhi
Ivan Djordjevic
Karan Goenka
Ken Huang
Otto Sulin
Semih Gelisli
Sven Olensky
Srinivas Inguva
Ravin Kumar
Walter Haydock

Co-Chairs
Chris Kirschke
Mark Yanalitis

CSA Global Staff
Josh Buker
Stephen Smith

Table of Contents

Acknowledgments ......................................... 3
Table of Contents ....................................... 4
Executive Summary ....................................... 5
Introduction ............................................ 6
Intended Audience ....................................... 6
Scope ................................................... 6
Principles .............................................. 7
Components of LLM-backed systems ........................ 8
Orchestrator ............................................ 9
Vector Databases ........................................ 9
LLM Cache ............................................... 10
Validation .............................................. 10
MLSecOps ................................................ 11
Challenges and considerations ........................... 12
Prompt injection ........................................ 12
System and user prompts ................................. 14
Fine-tuning and model training .......................... 15
Common archit