Security Engineering for AI Applications: From Threat Modeling to Protection
Preface
After our product went live, we ran into all kinds of security problems: prompt injection, data leakage, API abuse...
Today I want to share how we built our security engineering practice.
1. Threat Modeling
1.1 Threat Identification
```python
class ThreatModeling:
    def identify(self) -> list:
        """Enumerate the threats in scope, each with a severity rating."""
        return [
            {"type": "prompt_injection", "severity": "high"},
            {"type": "data_leakage", "severity": "high"},
            {"type": "api_abuse", "severity": "medium"},
            {"type": "model_manipulation", "severity": "medium"},
        ]
```
1.2 Risk Assessment
```python
SEVERITY_RANK = {"high": 2, "medium": 1, "low": 0}


class RiskAssessment:
    def assess(self, threats: list) -> dict:
        """Group threats by severity, highest first."""
        # Sorting on the severity string itself orders alphabetically ("medium" > "high"),
        # so map it to a numeric rank to make "high" really sort first.
        prioritized = sorted(threats, key=lambda t: SEVERITY_RANK.get(t["severity"], 0), reverse=True)
        return {
            "critical": [t for t in prioritized if t["severity"] == "high"],
            "medium": [t for t in prioritized if t["severity"] == "medium"],
        }
```
2. Security Protection
2.1 Input Validation
```python
import re


class InputValidation:
    # Constructed example pattern; a real deployment tunes this list from observed traffic.
    SUSPICIOUS = [re.compile(r"ignore (the |all )?(previous|above) instructions", re.I)]

    def validate(self, input_data: str) -> dict:
        """Run every check and report each result alongside the overall verdict."""
        checks = [
            {"name": "length", "passed": len(input_data) < 5000},
            {"name": "patterns", "passed": not self._contains_suspicious(input_data)},
            {"name": "sanitization", "passed": True},  # placeholder slot for a real sanitizer
        ]
        return {"valid": all(c["passed"] for c in checks), "checks": checks}

    def _contains_suspicious(self, text: str) -> bool:
        return any(p.search(text) for p in self.SUSPICIOUS)
```
2.2 Output Filtering
```python
import re


class OutputFiltering:
    EMAIL = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")
    HARMFUL = ()  # constructed placeholder: populate from the deployment's content policy

    def filter(self, output: str) -> str:
        """Redact sensitive data, then refuse any output that fails the content check."""
        # Remove personal information
        output = self._remove_personal_info(output)
        # Check content safety
        if self._contains_harmful(output):
            return "抱歉,无法生成相关内容"
        return output

    def _remove_personal_info(self, text: str) -> str:
        return self.EMAIL.sub("[email redacted]", text)

    def _contains_harmful(self, text: str) -> bool:
        return any(word in text for word in self.HARMFUL)
```
3. API Security
3.1 Authentication and Authorization
```python
class Authentication:
    def __init__(self, sessions: dict, roles: dict):
        # sessions: token -> user_id; roles: user_id -> role (constructed in-memory stores)
        self.sessions = sessions
        self.roles = roles

    def authenticate(self, token: str) -> dict:
        """Look the token up rather than accepting any value; unknown tokens are invalid."""
        user_id = self.sessions.get(token)
        if user_id is None:
            return {"user_id": None, "role": None, "valid": False}
        return {"user_id": user_id, "role": self._get_role(user_id), "valid": True}

    def authorize(self, user_id: str, action: str) -> bool:
        """Check whether the user's role grants the requested action (read/write)."""
        permissions = {"user": ["read"], "admin": ["read", "write"]}
        return action in permissions.get(self._get_role(user_id), [])

    def _get_role(self, user_id: str) -> str:
        return self.roles.get(user_id, "")
```
3.2 Rate Limiting
```python
from collections import Counter


class RateLimiting:
    def __init__(self):
        self.limits = {"free": 100, "pro": 1000}
        self.counts = Counter()  # user_id -> requests in the current window (reset externally)

    def check(self, user_id: str, plan: str) -> bool:
        """Allow the request if the user is still under the quota for their plan."""
        current = self._get_request_count(user_id)
        allowed = current < self.limits.get(plan, 100)  # unknown plans fall back to the free quota
        if allowed:
            self.counts[user_id] += 1  # count it, otherwise the limit can never trip
        return allowed

    def _get_request_count(self, user_id: str) -> int:
        return self.counts[user_id]
```
4. Data Security
4.1 Data Encryption
```python
from cryptography.fernet import Fernet


class DataEncryption:
    def __init__(self, key: bytes):
        # Generate the key once (Fernet.generate_key()), store it in a secrets manager and reuse it.
        # Generating a fresh key inside encrypt() and discarding it means nothing can ever be decrypted.
        self._key = key

    def encrypt(self, data: str) -> str:
        """Encrypt with the configured key (Fernet: AES-128-CBC with an HMAC-SHA256 tag)."""
        return Fernet(self._get_key()).encrypt(data.encode()).decode()

    def decrypt(self, encrypted: str) -> str:
        """Decrypt a token produced by encrypt() under the same key."""
        return Fernet(self._get_key()).decrypt(encrypted.encode()).decode()

    def _get_key(self) -> bytes:
        return self._key
```
4.2 Access Control
```python
class AccessControl:
    def __init__(self, admins: set):
        self.admins = admins  # user_ids holding the admin role (constructed in-memory set)

    def check(self, user_id: str, resource: str) -> bool:
        """Users may only touch their own data; admins may touch any resource."""
        return resource == "own_data" or self._is_admin(user_id)

    def _is_admin(self, user_id: str) -> bool:
        return user_id in self.admins
```
5. Security Monitoring
5.1 Anomaly Detection
```python
class AnomalyDetection:
    def detect(self, activity: dict) -> dict:
        """Flag activity that exceeds the request-rate threshold or matches an unusual pattern."""
        anomalies = []
        if activity.get("requests_per_minute", 0) > 100:
            anomalies.append("请求频率异常")
        if activity.get("unusual_pattern"):
            anomalies.append("行为模式异常")
        return {"anomalies": anomalies, "risk_level": "high" if anomalies else "low"}
```
5.2 Alerting
```python
class Alerting:
    def trigger(self, alert: dict) -> dict:
        """Build the alert record; the actions are: notify the security team, apply temporary rate limiting."""
        return {
            "type": alert["type"],
            "severity": alert["severity"],
            "message": alert["message"],
            "actions": ["通知安全团队", "临时限流"],
        }
```
6. Best Practices
6.1 Security Principles
- ✅ Defense in depth: multiple layers of protection
- ✅ Least privilege: grant only the permissions that are needed
- ✅ Secure by default: security settings are on out of the box
- ✅ Continuous monitoring: watch security events in real time
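To show the defense-in-depth principle above with the controls from sections 2.1, 2.2 and 3.2 working together, here is an added example (not code from the original post): a sliding-window rate limiter, an input validator and a PII redactor chained in front of a model call, so the first layer that rejects stops the request. The pattern lists, the `clock` parameter and the `model` callable are assumptions made for this example.

```python
import re
import time
from collections import defaultdict, deque

# Constructed pattern lists for illustration; a real deployment tunes them from observed traffic.
SUSPICIOUS = [re.compile(r"ignore (all |the )?(previous|above) instructions", re.I)]
PII = {
    "email": re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+"),
    "phone": re.compile(r"\b\d{3}[-.\s]?\d{4}[-.\s]?\d{4}\b"),
}

class SlidingWindowLimiter:
    """Allow at most `limit` requests per user within any `window`-second span."""
    def __init__(self, limit: int, window: float = 60.0, clock=time.monotonic):
        self.limit, self.window, self.clock = limit, window, clock
        self.hits = defaultdict(deque)  # user_id -> timestamps of recent requests

    def allow(self, user_id: str) -> bool:
        now, q = self.clock(), self.hits[user_id]
        while q and now - q[0] > self.window:  # drop timestamps that fell out of the window
            q.popleft()
        if len(q) >= self.limit:
            return False
        q.append(now)
        return True

def validate_input(text: str, max_len: int = 5000) -> tuple:
    """Return (ok, reason); the reason names the failing check so it can be logged."""
    if len(text) > max_len:
        return False, "length"
    if any(p.search(text) for p in SUSPICIOUS):
        return False, "pattern"
    return True, "ok"

def redact_pii(text: str) -> str:
    """Replace detected PII with typed placeholders before the answer leaves the service."""
    for name, pat in PII.items():
        text = pat.sub(f"[{name} redacted]", text)
    return text

def handle_request(user_id: str, prompt: str, limiter: SlidingWindowLimiter, model) -> dict:
    """Apply the controls in order; the first layer that rejects short-circuits the rest."""
    if not limiter.allow(user_id):
        return {"ok": False, "blocked_by": "rate_limit"}
    ok, reason = validate_input(prompt)
    if not ok:
        return {"ok": False, "blocked_by": f"input:{reason}"}
    return {"ok": True, "answer": redact_pii(model(prompt))}
```

Each rejection records which layer blocked it, which is what the anomaly detection and alerting in section 5 need as input.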
6.2 Common Pitfalls
- ❌ Security as an afterthought: only doing security once something has gone wrong
- ❌ Single point of reliance: depending on one security control
- ❌ Skipping testing: doing no security testing at all
- ❌ Over-protection: controls that hurt the user experience
7. Summary
Security engineering is the foundation of an AI application. The key points:
- Threat modeling: identify risks up front
- Layered protection: build defense in depth
- Continuous monitoring: catch problems early
- Continuous improvement: refine based on feedback
Remember: security is not a one-off task but an ongoing process.
