Skip to content

bassam9/AI-Security-Lab

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

AI-Security-Lab

Secure RAG • AI Security • Prompt Guardrails • RBAC

Hands-on AI Security Lab demonstrating Secure RAG, LLM security, prompt guardrails, RBAC, authentication, and enterprise AI security architecture.

Overview

AI Security Lab is a practical learning project focused on designing and implementing security controls for enterprise AI assistants.

Rather than treating security as a feature of the LLM itself, this project explores how security should be built before, around, and after the model using a defense-in-depth approach.

The objective is to understand real-world AI security challenges while implementing practical controls that align with modern enterprise security architecture.


Current Features

Authentication

  • Local user authentication
  • Hidden password input
  • User identity validation

Authorization

  • Role-Based Access Control (RBAC)
  • Authorization before retrieval
  • Document-level access restrictions
  • Least privilege access model

Secure RAG

  • Local LLM using Ollama
  • LlamaIndex for Retrieval-Augmented Generation
  • Hugging Face embeddings
  • Local enterprise policy documents

AI Security Controls

  • Prompt guardrails
  • Prompt injection detection
  • Unauthorized access prevention
  • Output sanitization
  • Request and response logging

Security Principles Demonstrated

  • Authentication
  • Authorization
  • Secure Retrieval
  • Defense in Depth
  • Least Privilege
  • Prompt Security
  • Output Validation
  • Enterprise AI Security Architecture

Technologies

  • Python
  • Ollama
  • LlamaIndex
  • Hugging Face Embeddings
  • VS Code
  • Git

Current Architecture

                 User
                   │
          Authentication
                   │
               RBAC
                   │
       Prompt Guardrails
                   │
    Authorization Before Retrieval
                   │
          Secure RAG Retrieval
                   │
            Local LLM (Ollama)
                   │
         Output Sanitization
                   │
      Request & Response Logging
                   │
                Response

Project Status

🚧 This project is actively under development.

The goal is to continuously evolve the lab by implementing additional enterprise AI security capabilities and documenting the lessons learned throughout the journey.


Planned Roadmap

Phase 1 ✅

  • Local LLM
  • Secure RAG
  • Authentication
  • RBAC
  • Prompt Guardrails
  • Output Sanitization

Phase 2 (In Progress)

  • Advanced Prompt Security Engine
  • Security Event Logging
  • Attack Classification
  • Risk Scoring
  • AI Security Dashboard

Future Enhancements

  • Promptfoo integration
  • Microsoft PyRIT integration
  • Garak security testing
  • AI Gateway simulation
  • Policy engine
  • Metadata-based authorization
  • Secure Agentic AI
  • AI governance controls
  • Automated security testing
  • Security reporting
  • Threat modelling
  • CI/CD security integration

Disclaimer

This project is intended for educational and research purposes only.

All users, policies, and documents included in this repository are fictional and are provided solely to demonstrate AI security concepts.


Contributions

Suggestions, feedback, and discussions are always welcome.

If you're interested in AI Security, Secure RAG, or Enterprise AI Architecture, feel free to open an issue or start a discussion.


Connect

If you'd like to follow the progress of this project or discuss AI Security topics, connect with me on LinkedIn.

The project will continue to evolve as new security capabilities are implemented.

About

Hands-on AI Security Lab demonstrating Secure RAG, LLM security, prompt guardrails, RBAC, authentication, and enterprise AI security architecture...TBC

Topics

Resources

License

Stars

1 star

Watchers

0 watching

Forks

Packages

 
 
 

Contributors

Languages