One Article Review

Source: GoogleSec
Identifier: 8660287
Publication date: 2025-04-04 13:00:39 (viewed: 2025-04-04 18:07:00)
Title: Taming the Wild West of ML: Practical Model Signing with Sigstore
Text: Posted by Mihai Maruseac, Google Open Source Security Team (GOSST)

In partnership with NVIDIA and HiddenLayer, as part of the Open Source Security Foundation, we are now launching the first stable version of our model signing library. Using digital signatures like those from Sigstore, we allow users to verify that the model used by the application is exactly the model that was created by the developers. In this blog post we will illustrate why this release is important from Google's point of view.

With the advent of LLMs, the ML field has entered an era of rapid evolution. We have seen remarkable progress leading to weekly launches of various applications which incorporate ML models to perform tasks ranging from customer support, software development, and even performing security critical tasks.

However, this has also opened the door to a new wave of security threats. Model and data poisoning, prompt injection, prompt leaking and
Rating: ★★
Sent: Yes
Tags: Tool, Threat, Technical


The article does not appear to have been picked up after its publication.


The article does not appear to have been picked up from an earlier one.