惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

P
Palo Alto Networks Blog
大猫的无限游戏
大猫的无限游戏
Martin Fowler
Martin Fowler
GbyAI
GbyAI
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
量子位
T
The Blog of Author Tim Ferriss
Y
Y Combinator Blog
Microsoft Azure Blog
Microsoft Azure Blog
C
CERT Recently Published Vulnerability Notes
Recent Announcements
Recent Announcements
A
About on SuperTechFans
aimingoo的专栏
aimingoo的专栏
P
Privacy International News Feed
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
博客园 - 叶小钗
L
Lohrmann on Cybersecurity
G
GRAHAM CLULEY
T
The Exploit Database - CXSecurity.com
Hugging Face - Blog
Hugging Face - Blog
P
Proofpoint News Feed
NISL@THU
NISL@THU
博客园 - Franky
C
Cybersecurity and Infrastructure Security Agency CISA
The Register - Security
The Register - Security
M
MIT News - Artificial intelligence
Know Your Adversary
Know Your Adversary
A
Arctic Wolf
F
Full Disclosure
T
Threat Research - Cisco Blogs
P
Privacy & Cybersecurity Law Blog
The Hacker News
The Hacker News
博客园 - 【当耐特】
D
Docker
T
Tailwind CSS Blog
S
SegmentFault 最新的问题
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
Jina AI
Jina AI
Help Net Security
Help Net Security
V
Visual Studio Blog
小众软件
小众软件
B
Blog
Vercel News
Vercel News
云风的 BLOG
云风的 BLOG
N
News and Events Feed by Topic
Forbes - Security
Forbes - Security
N
Netflix TechBlog - Medium
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
C
Cisco Blogs
Security Archives - TechRepublic
Security Archives - TechRepublic

Artificial Intelligence in Plain English - Medium

OpenAI launched GPT-5.5 - it’s the death of digital hand-holding The Future of Agentic AI is Not One Genius Model, it is a Team How AI Development Optimizes Smart Parking Management Systems The FAST Framework: A Practical Responsible AI Checklist for Data Scientists Why is Cloud Migration Consulting Important for Businesses? My Team Caught Me Using AI to Merge PRs. The Code Was Fine. The Trust Wasn’t. SQL Tricks Every Data Scientist Should Know I Stopped Chasing AI Hype and Started Building Systems That Actually Worked GPT-5.5: The Model That Thinks Ahead Mastering AI Storytelling: Crafting Prompts for Captivating Narratives Why So Many Businesses Are Switching to Clawdbot for AI Automation The Growing Dependence on AI Tools — And Why It’s Risky How to Cut Claude Code Costs by At least 2 to 3x How The Google Antigravity Agent Hallucinated NSFW Adult Websites? “Vercel Hack Exposed: How a Simple AI Tool Led to a $2M Data Breach” The Vercel Hack: How One AI Tool Cracked Open the Internet’s Deployment Stack AI Chatbot Development Services for Enterprise Data-Sensitive Processes What AI Agent Developers Should Consider When Designing Agents for High-volume Environments My ChatGPT Responds Better Than Yours, Here is the 3-Step Guide How To Create A Custom AI Chatbot, Train & Deploy It In 48 Hrs Learning in the Age of Intelligent Systems: Why Human Understanding Still Matters Everyone Is Learning AI, So Why Will Most Still Fail? AI Is Learning Faster Than You Think What If Your Next Best Friend Is a Robot That Even Feels Real? OpenAI Quietly Broke the Way You Build AI Apps The AI Superpower Standoff: Why the OpenAI vs. Anthropic War Looks Exactly Like the US vs. Iran The LLM Tools That Actually Matter in Production (Not LangChain, Not the OpenAI SDK) The Most Dangerous Use of Artificial Intelligence Yet! | AI Porn Why Your AI Chatbot Gives Vague Answers (And Why That Should Matter to You) How Do You Prove You’re You, After AI Has Evolved? AWS Bedrock Agents Keep Crashing Mid-Flow, Here’s Why and How to Actually Fix It I Built a Full Stack App Without Writing Code (AI vs Developer Reality Check) Why Your Business Doesn’t Need a Chatbot — It Needs an AI Agent 3 Counter-Intuitive Things I Learned Promoting my Micro-SaaS I Tested 5 LLMs Across 100 Real-World Tasks — The Winner Isn’t Who You Think Why Claude Design is Terrifying UX Teams? 9 AI Behaviors That Developers Misinterpret Completely How Large Language Models Actually Work (Explained Simply) The 4-Month Blueprint: How to Become an AI Automation Builder Claude Opus 4.7: The Model That Verifies Itself The $1 AI Stack: Build Scalable AI Systems Without Burning Cash How Blockchain Development Solutions Enable Decentralized Innovation Your AI Is Lying to You — And Your Tests Are Helping It How to Create a Local AI Assistant Using Python Without Paying for APIs What Is a Context Graph — and Why Is Everyone Talking About It? Jobs Are Disappearing. Careers Are Breaking. The Smartest People Are Building This Instead The Silent Trade: Convenience in Exchange for Control Why “The Dark Knight” and “The Avengers” Are 78% Similar, A Math-First Guide to Movie… Claude Skills — The Workflows That Actually Stick Claude Code’s source code just leaked. Today I’m going to teach you how it works. Build a Production-Grade AI Invoice Processing Pipeline in Snowflake — Using Only SQL The AI-Driven Developer Blueprint: How Modern Software Really Works The Truth About AI — From First Model to Real-World Systems AI in Everyday Life Google’s Gemma 4 Is Beating Models 20x Its Size And You Can Run It on Your Laptop 8 AI Scenarios Where You Should Never Trust the Output How to Make Money from Podcast Videos with AI: A Complete 4-Step Workflow for Creators (2026 Guide) n8n Google Search Workflow Automation: Streamlined SEO Indexing with Google APIs Why Drug Discovery Gets the Wrong Targets — and How Causal AI Can Fix It Why Your Workflow Is Broken (And How AI Automation Fixes It) Failure Mode and Effects Analysis (FMEA): Turning Risk into Preventive Control Measurement System Analysis (MSA): Why Good Projects Fail Without Good Data Advanced DMAIC Tools: Moving Beyond the Basics in Lean Six Sigma AI Won’t Fix a Messy Operation The Invisible Tech Revolution That’s Already Reshaping Your Job (And No, You Don’t Need to Know How… The Battle of the Bastards Is Happening Right Now. And Your Job Is Jon Snow. 7 Real-World Machine Learning Projects You Can Build in a Weekend 5 Prompting Habits That Are Destroying Your AI’s Logic MiniMax M2.7: The Model That Helped Build Itself The Token Dependency: Why Cloud-Only AI is a Single Point of Failure One Agent, Many Skills: Why You Don’t Always Need a Multi-Agent Architecture AI, Machine Learning, and Data Science in Action The Human-AI Symbiosis in Data Science Insurance Chatbots: Benefits, Use Cases & Examples The AI Model Anthropic Won’t Let You Use From Idea to Production: Our Approach to Deep Learning Development From 50 Files to One Graph: How Graphify Turns Code Into Knowledge Meta Just Hit Reset on Its AI Strategy And Muse Spark Is the First Big Sign The Complete Suno AI Prompt & Style Collection for Viral Music (2026) CLAUDE.md — The File Claude Reads Before You Speak Stop Chatting with Claude Code. Start Building on It. AI Agents: The Only Guide You’ll Ever Need (And Why Your Job Depends On It) The Stencil Strategy: How to Automate World-Class Medium Content Solving ‘AI Amnesia’ Through Compounding Strategy I Let AI Do My Job for 30 Days — These Were the Things It Couldn’t Do I Take My AI Agent Everywhere With Claude Dispatch: 3 Use Cases You Must Know AI Is Writing My Code — So What Exactly Is My Job Now? NVIDIA Releases AITune: The Toolkit That Automatically Finds the Fastest Inference Backend for Any… How AI Creates Business Value: The 5 Core Types of AI Enterprise AI Architecture Cheatsheet: A Complete Guide How I Almost Shipped My Credentials with Gemini 3 Flash in Google Antigravity The Agentic AI Security Universe: A Complete Guide to Securing Autonomous AI Systems How I Fixed My Neck Which Started Breaking Before My Career Did Using AI Mastering OpenClaw: How This Autonomous Agent Framework Actually Works The Model Too Dangerous to Release— And Why Anthropic Is Talking to the US Government About It Demystifying BM25: The Algorithm That Powers Search Step-by-Step Guide to Building AI Agents Using LLMs Gradient Descent — An Explanation Your AI Agent Isn’t Dumb. It Has ADHD 10 AI Startups Changing the World in 2026 (Nobody Is Talking About These Yet)_Part 5
AI governance in regulated environments has two problems.
Olebeng · 2026-05-01 · via Artificial Intelligence in Plain English - Medium
AI governance in regulated environments has two problems. Pre-execution filtering solves one. Here is the other. A response to Ashutosh Rana’s article on enterprise AI governance architecture — and an extension of the ArkForge observation about audit trail integrity. Attribution This article is a response to Every Enterprise AI Framework Has a Compliance Gap — Here’s the Architecture That Closes It by Ashutosh Rana, Enterprise AI Architect. I commented on that article when it was published on Dev.to . This piece expands that comment into a longer analysis. The ArkForge comment on the original article, which raised the tamper-evidence question, is also credited and extended here. I recommend reading Rana’s article first. The architectural pattern he describes is correct. My disagreement is about where that pattern ends. The insight most teams miss Rana makes a point in his article that I want to highlight before adding to it, because it is genuinely important and most teams implementing AI in regulated environments do not fully understand it until it is explained clearly. The violation in an AI system does not occur at the output. It occurs The violation in an AI pipeline occurs at retrieval, not at output. By the time a post-processing filter fires, the model has already processed whatever was retrieved — including data it should never have seen. Under FERPA, HIPAA, and GDPR, that access is the disclosure event, regardless of what the filter does to the response. The violation in an AI pipeline occurs at retrieval, not at output. By the time a post-processing filter fires, the model has already processed whatever was retrieved — including data it should never have seen. Under FERPA, HIPAA, and GDPR, that access is the disclosure event, regardless of what the filter does to the response. The violation occurs at retrieval, not output. By the time a filter fires, the data is already in the model’s context. That access is the disclosure event.The violation occurs at retrieval, not output. By the time a filter fires, the data is already in the model’s context. That access is the disclosure event.The violation occurs at retrieval, not output.at retrieval. The common assumption is that a post-processing filter, something that checks the model’s response before it reaches the user, is an adequate control for unauthorised access to regulated data. It is not. Under FERPA 34 CFR § 99.30, HIPAA 45 CFR § 164.502, and GDPR Article 5(1)(f), unauthorised access occurs at the moment the data enters the model’s context window. The fact that the output was subsequently filtered does not undo the disclosure. The data was processed. The access happened. This matters enormously for how you design AI governance systems. A post-processing filter is better than nothing. It is not a substitute for pre-execution governance that prevents unauthorised retrieval from occurring in the first place. The diagram above shows where the violation actually sits in a standard RAG pipeline. The pre-execution governance layer, if correctly placed, fires before retrieval runs. The post-processing output filter fires after the model has already processed whatever was retrieved, including anything it should not have seen. By that point, the regulatory violation has already occurred. This architectural point is the foundation of Rana’s article. It is correct. Where I want to push further is one layer below it. The question the architecture does not address Rana’s article describes a pre-execution governance layer that fires before each agent action. The layer checks the requested action against a set of policy filters and either approves, denies, or escalates to human review. It produces a structured audit record for each decision. This is the right structural answer to the runtime governance problem. But there is a prior question that sits underneath it, and it is the question that most compliance and engineering teams are not yet asking systematically: does the governance layer itself correctly implement what it was designed to do? Consider the HIPAA adapter in Rana’s implementation. The policy declares phi_categories, sets minimum_necessary to True, and references 45 CFR § 164.502(b). The structured audit record then states “Access authorised minimum necessary standard applied.” That record is accurate only if the enforcement logic in the filter actually applies the minimum necessary standard correctly to the specific data retrieved in that specific context. If there is a bug in the phi_categories matching logic, or if the integration passes the wrong role to the authorisation check, or if a developer subsequently modified the filter behaviour without updating the policy configuration, the audit trail will confidently record compliant decisions that were not compliant. The compliance claim rests on two separate questions, not one: Question 1: Does the runtime governance layer fire on every relevant action before it executes? Question 2: Does the governance layer correctly implement what it was designed to do? Rana’s architecture comprehensively addresses Question 1. The pre-execution pattern, the filter design, the structured audit trail, the human-in-the-loop mechanisms, all of these are about ensuring the governance layer fires correctly at runtime. Question 2 is about whether the code behind that governance layer implements what the policy says it implements. This is not a runtime question. It is a pre-deployment verification question. And it is almost entirely unaddressed in the current state of AI governance tooling. To put it plainly: a governance layer that fires on every action and reliably produces an audit trail, but has a bug in its HIPAA role-matching logic, will record a confident audit trail of non-compliant decisions. The trail is real. The decisions are wrong. And the trail itself provides false confidence that the system is behaving as designed. The ArkForge observation — and what it does not resolve The ArkForge comment on Rana’s article raised the tamper-evidence question. Hash chains are the proposed solution: each audit record includes a cryptographic hash of the previous record, so any attempt to modify or delete records retroactively is detectable. The observation is technically correct and the problem it addresses is real. In a multi-party agentic deployment, where the orchestrator, the model provider, and the compliance layer are operated by different parties, a tamper-evident audit trail matters. No single party can retroactively edit the record. But here is the important limitation: hash chains prove that a record was not modified after it was written. They do not prove that the decision recorded in it was correct at the time it was made. An audit trail that faithfully records incorrect governance decisions is tamper-evident. The decisions are still wrong. The chain proves the records are authentic. It does not prove the logic that produced them was correctly implemented. This distinction matters for regulators. Under GDPR Article 30, records of processing activities must be maintained. Under HIPAA § 164.528, accounting of disclosures is required. Under the EU AI Act’s conformity assessment obligations for high-risk AI systems, documented evidence of correct governance implementation is required. A hash-linked audit trail satisfies the first requirement, records exist and are authentic. It does not satisfy the second, that the governance logic was correctly implemented. The multi-party verification problem The ArkForge comment correctly identifies that multi-party deployments create a trust problem. If the orchestrator, model provider, and compliance layer are operated by different parties, who trusts whose audit trail? Hash chains solve the “trust the record” problem. They do not solve the “trust the logic” problem. In a multi-party agentic deployment, each party can prove their own audit trail is tamper-evident. None of them can independently prove that the other parties’ governance layers were correctly implemented against the standards they claim to satisfy. This is not a theoretical concern. Consider a healthcare AI deployment where: The orchestrator is operated by a hospital. The model provider is a cloud AI company. The compliance layer is provided by a third-party governance vendor. Each party produces a tamper-evident audit trail. But the HIPAA compliance determination, whether a specific data access satisfied the minimum necessary standard, is made by the governance vendor’s filter logic. The hospital cannot verify that the vendor’s implementation is correct without independent code-level analysis. The vendor’s audit trail proves that its decisions were recorded faithfully. It does not prove those decisions were correct. This is the verification gap that nobody currently has a standardised answer to. The regulatory trajectory is moving toward requiring it. GDPR Article 25 (data protection by design and by default) already implies it. The EU AI Act’s conformity assessment requirements for high-risk AI systems are moving toward it. The question of how you prove the implementation matches the designed governance architecture, not just that a governance layer exists, is the audit question that comes after the one Rana’s article addresses. What this means for teams building regulated AI systems Rana’s architecture is the right starting point. The pre-execution governance layer pattern, the structured audit records, the regulation-specific policy classes, these are correct architectural decisions. Build them. But treat them as the floor, not the ceiling. On Question 1 (does it fire): Rana’s implementation handles this well. The pre-execution filter pattern, the OWASP Agentic AI Top 10 mitigations, the human review checkpoints, implement them. On Question 2 (is it correct): Before any AI system processes regulated data in a production environment, systematically verify that the governance layer code correctly implements what its policy documentation says it does. This is not a one-time review. Governance layer code changes. Policy documentation changes. The verification needs to happen with every change to either. The specific things to verify: The data category matching logic should correctly identify regulated data under each applicable framework. A HIPAA filter that misclassifies a diagnosis code as non-PHI will fire correctly on every action, and authorise access it should not authorise. The role-based access logic should correctly evaluate the requesting party’s authorisation for the specific data being requested, not just their general role in the system. BOLA vulnerabilities are common precisely because authentication (are you logged in?) is easier to implement than authorisation (do you own what you are requesting?). The minimum necessary standard, where applicable, should be enforced at the retrieval level, not the output level. This circles back to the diagram above: the standard applies to what enters the model’s context, not to what the model produces. The audit record format should satisfy the documentation requirements of the applicable regulations. A record that says “access authorised” does not satisfy GDPR Article 30’s requirements for records of processing activities without additional fields specifying the legal basis, the data categories, the purpose, and the recipient. The regulatory trajectory The short version: the regulatory environment is moving toward requiring systematic verification of AI governance implementations, not just the existence of governance layers. The EU AI Act’s conformity assessment requirements for high-risk AI systems require documented evidence that the system operates as designed. For AI systems making decisions that affect individuals in healthcare, employment, education, and other regulated domains, “we have a governance layer” is not a conformity argument. “We have a governance layer and here is evidence it correctly implements these specific controls” is. The HIPAA Security Rule update proposed in January 2025 explicitly requires that AI tools be included in organisational risk analysis and risk management activities. That requirement is not satisfied by deploying a governance library. It is satisfied by conducting a systematic analysis of whether the governance logic correctly handles the specific risk scenarios relevant to the deployment. None of the major AI frameworks have built-in mechanisms for this level of verification. The gap between having a governance layer and being able to demonstrate that the governance layer correctly implements what it was designed to do is where the next phase of AI compliance tooling needs to go. Conclusion Rana’s article identifies the right structural answer to the runtime governance problem. The pre-execution governance layer pattern is correct. The point about violations occurring at retrieval rather than output is genuinely important and under-appreciated. The implementation examples are practically useful. My argument is that the governance layer itself needs a layer of verification that does not currently exist in any systematic form. Not just that it fires, but that it correctly implements what it claims to implement. Not just that the audit trail is tamper-evident, but that the decisions recorded in the trail were produced by correctly implemented logic. The tools to do this systematically, pre-deployment, before regulated data is processed, with evidence trails that satisfy the documentation requirements of the applicable frameworks, are what the next phase of the AI governance tooling market needs to build. Olebeng Molefe is the founder of IntentGuard, an automated intent audit platform that compares codebase implementation against declared design intent. IntentGuard is in final pre-launch hardening. Waitlist at intentguard.dev . This article references: Ashutosh Rana, “Every Enterprise AI Framework Has a Compliance Gap — Here’s the Architecture That Closes It”, Dev.to , April 2026 ArkForge comment on the above article, April 2026 EU AI Act, European Parliament and Council, 2024 HIPAA Security Rule Update, HHS Office for Civil Rights, January 2025 OWASP Agentic AI Top 10 2026, OWASP Foundation, December 2025 xtension of the ArkForge observation about audit trail integrity. AI governance in regulated environments has two problems. was originally published in Artificial Intelligence in Plain English on Medium, where people are continuing the conversation by highlighting and responding to this story.