{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,5]],"date-time":"2026-05-05T11:59:08Z","timestamp":1777982348799,"version":"3.51.4"},"reference-count":41,"publisher":"Wiley","issue":"2","license":[{"start":{"date-parts":[[2025,5,20]],"date-time":"2025-05-20T00:00:00Z","timestamp":1747699200000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":["onlinelibrary.wiley.com"],"crossmark-restriction":true},"short-container-title":["AI Magazine"],"published-print":{"date-parts":[[2025,6]]},"abstract":"<jats:title>Abstract<\/jats:title>\n                  <jats:p>This paper explores the rapidly evolving ecosystem of publicly available AI models and their potential implications on the security and safety landscape. Understanding their potential risks and vulnerabilities is crucial as AI models become increasingly prevalent. We review the current security and safety scenarios while highlighting challenges such as tracking issues, remediation, and the absence of AI model lifecycle and ownership processes. Comprehensive strategies to enhance security and safety for both model developers and end\u2010users are proposed. This paper provides several foundational pieces for more standardized security, safety, and transparency in developing and operating generative AI models and the larger open ecosystems and communities forming around them.<\/jats:p>","DOI":"10.1002\/aaai.70005","type":"journal-article","created":{"date-parts":[[2025,5,21]],"date-time":"2025-05-21T01:20:18Z","timestamp":1747790418000},"update-policy":"https:\/\/doi.org\/10.1002\/crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["Building trust: Foundations of security, safety, and transparency in AI"],"prefix":"10.1002","volume":"46","author":[{"given":"Huzaifa","family":"Sidhpurwala","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Garth","family":"Mollett","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Emily","family":"Fox","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mark","family":"Bestavros","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Huamin","family":"Chen","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"311","published-online":{"date-parts":[[2025,5,20]]},"reference":[{"key":"e_1_2_4_2_1","unstructured":"AI Alliance. (n.d.).Building the Open Future of AI.https:\/\/thealliance.ai\/"},{"key":"e_1_2_4_3_1","unstructured":"ANTHROP\u2216C.2025. February 14.Responsible Disclosure Policy.https:\/\/www.anthropic.com\/responsible\u2010disclosure\u2010policy"},{"key":"e_1_2_4_4_1","unstructured":"Cattell S. A.Ghosh andL.\u2010A.Kaffee2024 July 26.Coordinated Flaw Disclosure for AI: Beyond Security Vulnerabilities. arXiv (2402.07039v3).https:\/\/arxiv.org\/pdf\/2402.07039"},{"key":"e_1_2_4_5_1","unstructured":"CISA.2023. April 21.Minimum Requirements for Vulnerability Exploitability eXchange (VEX).https:\/\/www.cisa.gov\/resources\u2010tools\/resources\/minimum\u2010requirements\u2010vulnerability\u2010exploitability\u2010exchange\u2010vex"},{"key":"e_1_2_4_6_1","unstructured":"Congress.gov andClarke Y. D.2022 Febrary 04.H.R.6580 \u2010 Algorithmic Accountability Act of 2022. H.R.6580\u2014Algorithmic Accountability Act of 2022.https:\/\/www.congress.gov\/bill\/117th\u2010congress\/house\u2010bill\/6580\/text"},{"key":"e_1_2_4_7_1","unstructured":"CoSAI. (n.d.).Making AI Systems Secure for All. Oasis Open Projects.https:\/\/www.coalitionforsecureai.org\/"},{"key":"e_1_2_4_8_1","unstructured":"CVE Program.2024. July 9.CVE and AI\u2010related Vulnerabilities.https:\/\/www.cve.org\/Media\/News\/item\/blog\/2024\/07\/09\/CVE\u2010and\u2010AIrelated\u2010Vulnerabilities"},{"key":"e_1_2_4_9_1","unstructured":"CVE. (n.d.a).CVE Numbering Authorities (CNAs).https:\/\/www.cve.org\/ProgramOrganization\/CNAs"},{"key":"e_1_2_4_10_1","unstructured":"CVE. (n.d.b).List of Partners.https:\/\/www.cve.org\/PartnerInformation\/ListofPartners"},{"key":"e_1_2_4_11_1","unstructured":"CVE. (n.d.c).Report\/Request for Non\u2010CNAs.https:\/\/www.cve.org\/ReportRequest\/ReportRequestForNonCNAs#RequestCVEID"},{"key":"e_1_2_4_12_1","unstructured":"CWE AI Working Group. (n.d.).AI\u2010Working\u2010Group. GitHub.https:\/\/github.com\/CWE\u2010CAPEC\/AI\u2010Working\u2010Group"},{"key":"e_1_2_4_13_1","unstructured":"Dickson B.2021 May 24.DeepSloth: Researchers Find Denial\u2010of\u2010Service Equivalent Against Machine Learning Systems. The Daily. Swig.https:\/\/portswigger.net\/daily\u2010swig\/deepsloth\u2010researchers\u2010find\u2010denial\u2010of\u2010service\u2010equivalent\u2010against\u2010machine\u2010learning\u2010systems"},{"key":"e_1_2_4_14_1","unstructured":"EDSAFE AI ALLIANCE.2023.The Framework. S.A.F.E. Benchmarks.InnovateEDU.https:\/\/www.edsafeai.org\/safe"},{"key":"e_1_2_4_15_1","unstructured":"European Parliament.2023 Aug 6.EU AI Act: First Regulation on Artificial Intelligence.https:\/\/www.europarl.europa.eu\/topics\/en\/article\/20230601STO93804\/eu\u2010ai\u2010act\u2010first\u2010regulation\u2010on\u2010artificial\u2010intelligence"},{"key":"e_1_2_4_16_1","unstructured":"Google.2023.Google's Secure AI Framework (SAIF). Google Safety Center.https:\/\/safety.google\/cybersecurity\u2010advancements\/saif\/"},{"key":"e_1_2_4_17_1","unstructured":"Google. (n.d.).HTTPS encryption on the web. Google Transparency Report.https:\/\/transparencyreport.google.com\/https\/overview"},{"key":"e_1_2_4_18_1","unstructured":"Governor Gavin Newsom.2024. September 29.Governor Newsom Announces New Initiatives to Advance Safe and Responsible AI Protect Californians. Governor Gavin Newsom.https:\/\/www.gov.ca.gov\/2024\/09\/29\/governor\u2010newsom\u2010announces\u2010new\u2010initiatives\u2010to\u2010advance\u2010safe\u2010and\u2010responsible\u2010ai\u2010protect\u2010californians\/"},{"key":"e_1_2_4_19_1","unstructured":"Grundy E. J.Dao R.Uuk S.Pour andS.Casper2025.What are the Risks From Artificial Intelligence? MIT AI Risk Repository.https:\/\/airisk.mit.edu\/"},{"key":"e_1_2_4_20_1","unstructured":"Haan K.2024 October 16.22 Top AI Statistics and Trends. 22 Top AI Statistics and Trends.https:\/\/www.forbes.com\/advisor\/business\/ai\u2010statistics\/"},{"key":"e_1_2_4_21_1","unstructured":"Hong S. Y.Kaya I.\u2010V.Modoranu andT.Dumitra\u015f2021 February 25.A Panda? No It's a Sloth: Slowdown Attacks on Adaptive Multi\u2010Exit Neural Network Inference. arXiv.https:\/\/arxiv.org\/abs\/2010.02432"},{"key":"e_1_2_4_22_1","unstructured":"IBM Data and AI Team.2023. September 27.Open Source Large Language Models: Benefits Risks and Types.https:\/\/www.ibm.com\/think\/topics\/open\u2010source\u2010llms"},{"key":"e_1_2_4_23_1","unstructured":"McSherry C.2024 August 19.NO FAKES\u2014A Dream for Lawyers a Nightmare for Everyone Else. Electronic Frontier Foundation.https:\/\/www.eff.org\/deeplinks\/2024\/08\/no\u2010fakes\u2010dream\u2010lawyers\u2010nightmare\u2010everyone\u2010else"},{"key":"e_1_2_4_24_1","doi-asserted-by":"crossref","unstructured":"Mitchell M. S.Wu A.Zaldivar P.Barnes L.Vasserman B.Hutchinson E.Spitzer I. D.Raji andT.Gebru2019 January 14.Model Cards for Model Reporting.https:\/\/arxiv.org\/pdf\/1810.03993","DOI":"10.1145\/3287560.3287596"},{"key":"e_1_2_4_25_1","unstructured":"MITRE.2022.MITRE ATLAS. MITRE.https:\/\/atlas.mitre.org\/"},{"key":"e_1_2_4_26_1","unstructured":"ML Commons. (n.d.).AI Risk & Reliability.https:\/\/mlcommons.org\/working\u2010groups\/ai\u2010risk\u2010reliability\/ai\u2010risk\u2010reliability\/"},{"key":"e_1_2_4_27_1","unstructured":"ML Commons. (n.d.).Benchmark for General\u2010Purpose AI Chat Model.https:\/\/ailuminate.mlcommons.org\/benchmarks\/"},{"key":"e_1_2_4_28_1","unstructured":"MLCommons.2025.Benchmark for General\u2010Purpose AI Chat Model.https:\/\/mlcommons.org\/working\u2010groups\/ai\u2010risk\u2010reliability\/ai\u2010risk\u2010reliability\/"},{"key":"e_1_2_4_29_1","unstructured":"Newsom G.2024 September 29.SB\u20101047 Veto Message. Office of the Governor.chrome\u2010extension:\/\/efaidnbmnnnibpcajpcglclefindmkaj\/https:\/\/www.gov.ca.gov\/wp\u2010content\/uploads\/2024\/09\/SB\u20101047\u2010Veto\u2010Message.pdf"},{"key":"e_1_2_4_30_1","unstructured":"NIST.2023. August 3.National Vulnerability Database. Information Technology Laboratory.https:\/\/nvd.nist.gov\/vuln"},{"key":"e_1_2_4_31_1","unstructured":"NIST.2023. January 26.AI Risk Management Framework. NIST.https:\/\/www.nist.gov\/itl\/ai\u2010risk\u2010management\u2010framework"},{"key":"e_1_2_4_32_1","doi-asserted-by":"crossref","unstructured":"NIST.2024. July 1.Artificial Intelligence Risk Management Framework: Generative Artificial Intelligence Profile. NIST Trustworthy and Responsible AI.https:\/\/nvlpubs.nist.gov\/nistpubs\/ai\/NIST.AI.600\u20101.pdf","DOI":"10.6028\/NIST.AI.100-1.jpn"},{"key":"e_1_2_4_33_1","unstructured":"open source initiative. (n.d.).The Open Source AI Definition \u20131.0.https:\/\/opensource.org\/ai\/open\u2010source\u2010ai\u2010definition"},{"key":"e_1_2_4_34_1","unstructured":"OWASP AI Security and Privacy Guide.2025.OWASP.https:\/\/owasp.org\/www\u2010project\u2010ai\u2010security\u2010and\u2010privacy\u2010guide\/"},{"key":"e_1_2_4_35_1","unstructured":"OWASP. (n.d.).OWASP AIBOM.https:\/\/owasp.org\/www\u2010project\u2010aibom\/"},{"key":"e_1_2_4_36_1","unstructured":"Radford A. K.Narasimhan T.Salimans andI.Sutskever andOpenAI. (n.d.).Improving Language Understanding by Generative Pre\u2010Training.https:\/\/cdn.openai.com\/research\u2010covers\/language\u2010unsupervised\/language_understanding_paper.pdf"},{"key":"e_1_2_4_37_1","unstructured":"Red Hat.2023 September 26.What Are Large Language Models?https:\/\/www.redhat.com\/en\/topics\/ai\/what\u2010are\u2010large\u2010language\u2010models"},{"key":"e_1_2_4_38_1","unstructured":"Sigstore TSC & Community Chair.2024 March 20.Sigstore Graduates: A Monumental Step Towards Secure Software Supply Chains. OpenSSF.https:\/\/openssf.org\/blog\/2024\/03\/20\/sigstore\u2010graduates\u2010a\u2010monumental\u2010step\u2010towards\u2010secure\u2010software\u2010supply\u2010chains\/"},{"key":"e_1_2_4_39_1","unstructured":"Smart Insights.2023 Mar 20.The AIDA model.https:\/\/www.smartinsights.com\/traffic\u2010building\u2010strategy\/offer\u2010and\u2010message\u2010development\/aida\u2010model\/"},{"key":"e_1_2_4_40_1","unstructured":"The Linux Foundation Projects. (n.d.).Open Container Initiative.https:\/\/opencontainers.org\/"},{"key":"e_1_2_4_41_1","unstructured":"Vaswani A. N.Shazeer N.Parmar J.Uszkoreit L.Jones A. N.Gomez \u0141.Kaiser andI.Polosukhin2017. \u201cAttention is all you need.\u201d InAdvances in Neural Information Processing Systems 30 NeurIPS."},{"key":"e_1_2_4_42_1","unstructured":"Walters M.2023 December 18.Adapting to the Post\u2010SolarWinds Era: Supply Chain Security in 2024. DarkReading.https:\/\/www.darkreading.com\/vulnerabilities\u2010threats\/adapting\u2010post\u2010solarwinds\u2010era\u2010supply\u2010chain\u2010security\u20102024"}],"container-title":["AI Magazine"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/onlinelibrary.wiley.com\/doi\/pdf\/10.1002\/aaai.70005","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,11,30]],"date-time":"2025-11-30T05:27:05Z","timestamp":1764480425000},"score":1,"resource":{"primary":{"URL":"https:\/\/onlinelibrary.wiley.com\/doi\/10.1002\/aaai.70005"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,5,20]]},"references-count":41,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2025,6]]}},"alternative-id":["10.1002\/aaai.70005"],"URL":"https:\/\/doi.org\/10.1002\/aaai.70005","archive":["Portico"],"relation":{"has-preprint":[{"id-type":"doi","id":"10.36227\/techrxiv.173324146.69244460\/v1","asserted-by":"object"}]},"ISSN":["0738-4602","2371-9621"],"issn-type":[{"value":"0738-4602","type":"print"},{"value":"2371-9621","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,5,20]]},"assertion":[{"value":"2024-11-25","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2025-05-14","order":2,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2025-05-20","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}],"article-number":"e70005"}}