Poisoning Attestation
Introduction
The Poisoning Attestation Schema extends the generic Attestation Schema to enable attestations related to data poisoning. By recording poisoning event details, such as the type of poisoning (e.g. mislabelling attack, data injection, data manipulation), the date and the severity, this schema provides a structured way to document and track reported data poisoning events.
Description
This schema includes:
- Type: The attestation type, set to "Poisoning".
- Poisoning Details: Provides details of the data poisoning event, including poisoning type, date, severity and description.
Use Case
The Poisoning Attestation Schema is used to:
- Document Poisoning Events: Attach details of poisoning events to attestations for components.
- Track Poisoning: Keep track of components that have been poisoned and trace which other components this affects.
- Support Compliance: Ensure that poisoned components are tracked and managed in line with security standards.
This schema promotes transparency and accountability, ensuring that data poisoning event information is communicated clearly across software supply chains and that it can be traced whether a data poisoning event compromises any components in that supply chain.
Schemas
- yaml
- json
- markdown
$id: https://github.com/nqminds/Trusted-AI-BOM/blob/main/packages/schemas/src/taibom-schemas/65-poisoning-attestation.v1.0.0.schema.yaml
$schema: https://json-schema.org/draft/2019-09/schema
title: Poisoning Attestation
description: |
  This schema extends the generic Attestation Schema to define an attestation that a component is poisoning
type: object
properties:
  component:
    type: object
    description: Component reference, including an ID and hash for the VC claim.
    properties:
      id:
        type: string
        description: The component ID (unique identifier) of the VC claim.
      hash:
        type: string
        description: Cryptographic hash (e.g., SHA-256) for verifying the integrity of the VC claim.
    required:
      - id
      - hash
  attestation:
    type: object
    properties:
      type:
        type: string
        enum:
          - poisoning
        description: Type of attestation, set to "Poisoning" for this schema.
      poisoning:
        type: object
        description: poisoning event that applies to the particular component
        properties:
          date:
            type: string
            description: The date of the data poisoning event
          type:
            type: string
            description: The type of data poisoning event (e.g. mislabelling attack, data injection, data manipulation)
          severity:
            type: string
            description: Severity of data poisoning
          description:
            type: string
            description: description of data poisoning event
        required:
          - date
    required:
      - type
      - poisoning
required:
  - component
  - attestation
{
  "$id": "https://github.com/nqminds/Trusted-AI-BOM/blob/main/packages/schemas/src/taibom-schemas/65-poisoning-attestation.v1.0.0.schema.yaml",
  "$schema": "https://json-schema.org/draft/2019-09/schema",
  "title": "Poisoning Attestation",
  "description": "This schema extends the generic Attestation Schema to define an attestation that a component is poisoning\n",
  "type": "object",
  "properties": {
    "component": {
      "type": "object",
      "description": "Component reference, including an ID and hash for the VC claim.",
      "properties": {
        "id": {
          "type": "string",
          "description": "The component ID (unique identifier) of the VC claim."
        },
        "hash": {
          "type": "string",
          "description": "Cryptographic hash (e.g., SHA-256) for verifying the integrity of the VC claim."
        }
      },
      "required": [
        "id",
        "hash"
      ]
    },
    "attestation": {
      "type": "object",
      "properties": {
        "type": {
          "type": "string",
          "enum": [
            "poisoning"
          ],
          "description": "Type of attestation, set to \"Poisoning\" for this schema."
        },
        "poisoning": {
          "type": "object",
          "description": "poisoning event that applies to the particular component",
          "properties": {
            "date": {
              "type": "string",
              "description": "The date of the data poisoning event"
            },
            "type": {
              "type": "string",
              "description": "The type of data poisoning event (e.g. mislabelling attack, data injection, data manipulation)"
            },
            "severity": {
              "type": "string",
              "description": "Severity of data poisoning"
            },
            "description": {
              "type": "string",
              "description": "description of data poisoning event"
            }
          },
          "required": [
            "date"
          ]
        }
      },
      "required": [
        "type",
        "poisoning"
      ]
    }
  },
  "required": [
    "component",
    "attestation"
  ]
}
Poisoning Attestation
This schema extends the generic Attestation Schema to define an attestation that a component is poisoning
The schema defines the following properties:
- component (object, required): Component reference, including an ID and hash for the VC claim. Properties of the component object:
  - id (string, required): The component ID (unique identifier) of the VC claim.
  - hash (string, required): Cryptographic hash (e.g., SHA-256) for verifying the integrity of the VC claim.
- attestation (object, required). Properties of the attestation object:
  - type (string, enum, required): Type of attestation, set to "Poisoning" for this schema. This element must be one of the following enum values:
    - poisoning
  - poisoning (object, required): poisoning event that applies to the particular component. Properties of the poisoning object:
    - date (string, required): The date of the data poisoning event
    - type (string): The type of data poisoning event (e.g. mislabelling attack, data injection, data manipulation)
    - severity (string): Severity of data poisoning
    - description (string): description of data poisoning event
Examples
[
  {
    "component": {
      "id": "urn:uuid:222e3337-e89b-12d3-a456-426614174004",
      "hash": "a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0"
    },
    "attestation": {
      "type": "poisoning",
      "poisoning": {
        "date": "2023-07-09",
        "poisoning_type": "Model Poisoning",
        "severity": "high",
        "description": "description available at: https://blog.mithrilsecurity.io/poisoninggpt-how-we-hid-a-lobotomized-llm-on-hugging-face-to-spread-fake-news/"
      }
    }
  }
]
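As an added example (not part of the TAIBOM project or its tooling), the checker below enforces the required keys, string types and the lowercase `poisoning` enum value from the schema above, and additionally reports two things a JSON Schema validator would accept silently: keys the schema does not define (the example instance uses `poisoning_type` where the schema defines `type`, so that field is never validated) and a `hash` that is not a hex digest. The 64-hex-character SHA-256 form is an assumption, since the schema only says "e.g., SHA-256".

```python
# Added example: a minimal checker for the Poisoning Attestation schema.
# Beyond the schema's required/enum/type rules it warns about undefined keys
# (the schema does not set additionalProperties: false) and non-hex hashes.
import re

HEX_DIGEST = re.compile(r"^[0-9a-f]{64}$")  # assumed SHA-256 hex form


def validate_poisoning_attestation(doc):
    """Return (errors, warnings) for one attestation document (a dict)."""
    errors, warnings = [], []
    comp = doc.get("component")
    if not isinstance(comp, dict):
        errors.append("component: required object missing")
    else:
        for key in ("id", "hash"):
            if not isinstance(comp.get(key), str):
                errors.append(f"component.{key}: required string missing")
        if isinstance(comp.get("hash"), str) and not HEX_DIGEST.match(comp["hash"]):
            warnings.append("component.hash: not a lowercase SHA-256 hex digest")
    att = doc.get("attestation")
    if not isinstance(att, dict):
        errors.append("attestation: required object missing")
        return errors, warnings
    # The enum value is lowercase "poisoning" even though the prose says "Poisoning".
    if att.get("type") != "poisoning":
        errors.append("attestation.type: must be the enum value 'poisoning'")
    ev = att.get("poisoning")
    if not isinstance(ev, dict):
        errors.append("attestation.poisoning: required object missing")
        return errors, warnings
    if not isinstance(ev.get("date"), str):
        errors.append("attestation.poisoning.date: required string missing")
    known = {"date", "type", "severity", "description"}
    for key, val in ev.items():
        if key not in known:
            warnings.append(f"attestation.poisoning.{key}: not defined by the schema")
        elif not isinstance(val, str):
            errors.append(f"attestation.poisoning.{key}: must be a string")
    return errors, warnings


SAMPLE = {  # constructed input, modelled on the page's example instance
    "component": {"id": "urn:uuid:222e3337-e89b-12d3-a456-426614174004",
                  "hash": "a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0"},
    "attestation": {"type": "poisoning", "poisoning": {
        "date": "2023-07-09", "poisoning_type": "Model Poisoning", "severity": "high"}},
}
```

Running `validate_poisoning_attestation(SAMPLE)` yields no errors but two warnings, one for the undefined `poisoning_type` key and one for the non-hex hash.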