AI security needs a shift from models to systems, researchers argue
Summary
Researchers argue that enterprises cannot secure AI agents by making the underlying models more robust. Instead, they must enforce security controls at the system level, treating AI models as fundamentally untrusted components, similar to how operating systems treat processes. The paper identifies five security principles from traditional systems security (least privilege, tamper resistance, complete mediation, secure information flow, and accounting for human error) that should be applied to AI agents, and notes that all eleven real-world attacks analyzed violated the secure information flow principle.
Original source: https://www.csoonline.com/article/4176725/ai-security-needs-a-shift-from-models-to-systems-researchers-argue.html
First tracked: May 25, 2026 at 02:00 PM
Classified by LLM (prompt v3) · confidence: 85%