
Security and Provenance for Self-Hosted Agentic Systems

Authors: Kuiper, Justin H.;

Abstract

Self-hosted agentic systems shift the security boundary inward. The cloud's shared-responsibility model carries an implicit assumption that the substrate is secured by the provider; self-hosting moves that responsibility onto the operator. Simultaneously, provenance — where a model came from, how weights were obtained, what training data is encoded, what fine-tunes have been applied, what tool integrations are authorized — becomes a first-class concern not because of regulation alone but because confident misalignment can originate in opaque provenance. This paper argues that security and provenance for self-hosted agentic systems must be designed together, not separately. Security without provenance lets compromised models hide in plain sight; provenance without security lets attested chains be tampered with. The combined layer is what HGC³AE²'s C¹ (Cybersecurity) actually requires at runtime.
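The abstract's central claim, that integrity checks and a provenance record only work when combined, can be shown concretely. The following is an added illustration, not code from the paper or its author: a provenance manifest for a self-hosted model (source, fine-tunes, authorized tools, weight-file hashes) is bound to the weights on disk by SHA-256 and to an operator key by HMAC. The file names, source strings and the HMAC key are constructed for the demo; a real deployment would use a public-key signature and a key kept outside the model directory, which are assumptions of this example rather than anything the paper specifies.

```python
import hashlib
import hmac
import json
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Stream a file through SHA-256 so large weight files do not need to fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(weights_dir: Path, source: str, fine_tunes: list, tools: list) -> dict:
    """Record where the model came from, what was applied to it, what it may call, and what is on disk."""
    files = {p.name: sha256_file(p) for p in sorted(weights_dir.iterdir()) if p.is_file()}
    return {"source": source, "fine_tunes": fine_tunes, "authorized_tools": tools, "files": files}


def canonical(manifest: dict) -> bytes:
    # Deterministic encoding: the signature must cover exactly one byte sequence.
    return json.dumps(manifest, sort_keys=True, separators=(",", ":")).encode()


def sign_manifest(manifest: dict, key: bytes) -> str:
    # HMAC stands in for a proper signature here (constructed demo); the point is that
    # the provenance record itself is protected, not just the weights it describes.
    return hmac.new(key, canonical(manifest), hashlib.sha256).hexdigest()


def verify(weights_dir: Path, manifest: dict, signature: str, key: bytes) -> tuple:
    """Return (ok, reason). Both halves must hold: the record is authentic AND the disk matches it."""
    # Security of the provenance chain: a manifest nobody signed is not evidence of anything.
    if not hmac.compare_digest(sign_manifest(manifest, key), signature):
        return False, "manifest signature invalid"
    # Provenance of the artifacts: weights must be the ones the signed record attests.
    for name, digest in manifest["files"].items():
        p = weights_dir / name
        if not p.is_file() or sha256_file(p) != digest:
            return False, f"weights file {name} does not match attested hash"
    # Anything on disk that the record does not mention is an unattested artifact.
    extra = {p.name for p in weights_dir.iterdir() if p.is_file()} - set(manifest["files"])
    if extra:
        return False, f"unattested files present: {sorted(extra)}"
    return True, "ok"


def demo() -> dict:
    """Exercise the clean case and the two failure modes named in the abstract."""
    key = b"constructed-demo-key-not-for-production"
    with tempfile.TemporaryDirectory() as d:
        wd = Path(d)
        (wd / "model.safetensors").write_bytes(b"\x00\x01constructed weights")  # constructed sample
        manifest = build_manifest(
            wd,
            source="hf://example-org/base-model (constructed)",
            fine_tunes=["sft-2024-01 (constructed)"],
            tools=["web_search"],
        )
        sig = sign_manifest(manifest, key)
        results = {"clean": verify(wd, manifest, sig, key)[0]}

        # Compromised weights under an intact record: caught only because the record carries hashes.
        (wd / "model.safetensors").write_bytes(b"\x00\x01tampered weights")
        results["tampered_weights"] = verify(wd, manifest, sig, key)[0]
        (wd / "model.safetensors").write_bytes(b"\x00\x01constructed weights")

        # Edited record under intact weights (an extra tool quietly authorized): caught only
        # because the record is signed.
        forged = dict(manifest)
        forged["authorized_tools"] = manifest["authorized_tools"] + ["unreviewed_tool"]
        results["tampered_manifest"] = verify(wd, forged, sig, key)[0]
        return results


if __name__ == "__main__":
    print(demo())  # {'clean': True, 'tampered_weights': False, 'tampered_manifest': False}
```

Removing either check reproduces one of the two failures the abstract describes: without the file hashes, swapped weights pass as long as the manifest reads well; without the signature, anyone with write access to the model directory can rewrite the manifest to match whatever they placed there.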