Vectors stored for semantic retrieval can be inverted to reconstruct original source text, or probed to infer whether specific confidential information is present, exposing PII or proprietary content held in the knowledge layer.
Embedding inversion and membership inference on the vector store
CCC.MARefArc.TH03
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.MARefArc.CP13 | Vector-based semantic retrieval | Vector databases providing semantic search and grounding so agents can find relevant information from large text corpora. |
Related Controls
| ID | Title | Description |
|---|---|---|
| CCC.MARefArc.CN04 | Data Quality and Classification | Assess the quality of, and assign classification and sensitivity labels to, all data used for grounding, training, and fine-tuning, and enforce handling rules derived from those labels throughout the Knowledge and LLM layers. |
| CCC.MARefArc.CN09 | Encryption of AI Data at Rest | Encrypt AI data at rest, including the vector store and source repositories, so that storage-level access does not expose embeddings or sensitive content. |
| CCC.MARefArc.CN22 | Preserving Source Data Access Controls in AI Systems | Propagate the access controls of source data into the retrieval path so that retrieval and generation cannot expose content a requesting user is not authorized to see. |
External Mappings
| Framework | ID | Remarks |
|---|---|---|
| air-vec | AIR-SEC-002-01 | |
| air-vec | AIR-SEC-002-02 | |