Restrict index lifecycle operations (create, delete, rollback) to privileged identities using fine-grained access controls.
Database / Vector / Controls / DEV
Enforce Role-Based Index Lifecycle Management
CCC.Vector.CN02 · Access
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.Vector.CP02 | Vector Indexing | Provides creation and management of indexes optimized for similarity search, such as HNSW, IVF, or PQ. |
| CCC.Vector.CP05 | Batch Ingestion | Allows for high-throughput batch upload and deletion of vectors and associated metadata. |
| CCC.Vector.CP07 | Index Lifecycle Management | Enables automated or manual creation, optimization, and removal of vector indexes. |
| CCC.Vector.CP11 | Query Access Control | Provides the ability to restrict who can run vector similarity or metadata filter queries, separate from data modification rights. |
| CCC.Core.CP06 | Access Control | The service automatically enforces user configurations to restrict or allow access to a specific component or a child resource based on factors such as user identities, roles, groups, or attributes. |
| CCC.Core.CP29 | Active Ingestion | While running, the service itself can fetch or reach out to some other service or external source to get data, inputs or commands for the service to process or operate on. |
Related Threats
| ID | Title | Description |
|---|---|---|
| CCC.Vector.TH02 | Embedding and Index Poisoning | Adversaries may insert malicious or adversarial vectors into the index through ingestion endpoints, polluting the dataset and degrading search quality, or subtly steering results toward specific outcomes. |
| CCC.Vector.TH04 | Index Corruption or Downgrade | Attackers with unauthorized access or excessive permissions may tamper with or roll back index versions, potentially restoring poisoned data or breaking downstream integrations. |
| CCC.Core.TH01 | Access is Granted to Unauthorized Users | Logic designed to give different permissions to different entities may be misconfigured or manipulated, allowing unauthorized entities to access restricted parts of the service, its data, or its child resources. This could result in a loss of data confidentiality or tolerance of unauthorized actions which impact the integrity and availability of resources and data. |
Assessment Requirements
| ID | Text | Applicability |
|---|---|---|
| CCC.Vector.CN02.AR01 | When an index lifecycle event is triggered, the service MUST verify that the actor has explicit permissions for the operation type. | tlp-clear, tlp-green, tlp-amber, tlp-red |
Guideline Mappings
| Framework | ID | Remarks |
|---|---|---|
| FINOS-AIGF | AIR-PREV-012 | Role-Based Access Control for AI Data |