A Lifecycle Governance Control Plane for Securing AI Workloads in Multi-Cloud Environments

Abstract

Modern workloads supporting AI applications increasingly rely on multiple cloud platforms to enable growth, compliance, specialty services and resilience. This introduces a key challenge for governance in terms of dispersed security controls in the identity management system, model registry, deployment infrastructure, runtime endpoints, and monitoring stack. Cloud security techniques are traditionally provider-specific and infrastructure-centric, and thus fail to protect the end-to-end lifecycle of AI in multi-clouds. The present study proposes a multi-cloud AI governance framework, which includes the following three contributions: (i) MAGCP-6, a six-component governance control plane for AI applications in multi-clouds; (ii) LPEM, a lifecycle-based enforcement model for policies in AI in multi-clouds; and (iii) CGAL, a continuous governance assurance loop for AI in multi-clouds. These three components together constitute an integrated lifecycle-centric governance approach, which provides support for validating workload identity, making decisions based on policies, verifying model artifacts, attesting execution environments, monitoring runtime, and sustaining governance assurance