{
  "$schema_version": "1.0",
  "name": "CoSAI AI Shared Responsibility Framework Glossary Registry",
  "description": "Canonical, deduplicated definitions for every SRF term. Each term is independently retrievable at /api/glossary/{anchor}.json (see api.term_template) and carries a canonical_id that resolves to a single ontology node.",
  "srf_version": "1.0",
  "updated": "2026-06-14",
  "canonical_page": "https://aisharedresponsibility.com/glossary/",
  "api": {
    "index": "https://aisharedresponsibility.com/api/glossary/index.json",
    "term_template": "https://aisharedresponsibility.com/api/glossary/{anchor}.json"
  },
  "count": 30,
  "terms": [
    {
      "anchor": "layer",
      "canonical_id": "srf.concept.layer",
      "term": "Layer",
      "section": "Framework Architecture",
      "layers": [],
      "definition": "One of five enterprise architecture tiers in the CoSAI SRF (L1-L5). Each layer represents a distinct accountability domain. Requirements cascade from L1 downward through L2, L3, L4, and L5.",
      "anchor_url": "https://aisharedresponsibility.com/glossary/#layer",
      "see_also": null,
      "api_url": "https://aisharedresponsibility.com/api/glossary/layer.json"
    },
    {
      "anchor": "L1",
      "canonical_id": "srf.layer.L1",
      "term": "L1: AI Business & Usage",
      "section": "Framework Architecture",
      "layers": [
        "L1"
      ],
      "definition": "The governance, strategy, and compliance layer. Owns regulatory obligations, acceptable-use policy, and incident governance. Security and governance requirements set at L1 constrain every layer below it.",
      "anchor_url": "https://aisharedresponsibility.com/glossary/#L1",
      "see_also": "https://aisharedresponsibility.com/framework/#L1",
      "api_url": "https://aisharedresponsibility.com/api/glossary/L1.json"
    },
    {
      "anchor": "L2",
      "canonical_id": "srf.layer.L2",
      "term": "L2: AI Information",
      "section": "Framework Architecture",
      "layers": [
        "L2"
      ],
      "definition": "The data ownership and privacy layer. Accountable for training data provenance, master data management, privacy controls, and data classification decisions.",
      "anchor_url": "https://aisharedresponsibility.com/glossary/#L2",
      "see_also": "https://aisharedresponsibility.com/framework/#L2",
      "api_url": "https://aisharedresponsibility.com/api/glossary/L2.json"
    },
    {
      "anchor": "L3",
      "canonical_id": "srf.layer.L3",
      "term": "L3: AI Application",
      "section": "Framework Architecture",
      "layers": [
        "L3"
      ],
      "definition": "The development and integration layer. Responsible for guardrails, input validation, output filtering, prompt engineering, RAG pipelines, and agent orchestration logic.",
      "anchor_url": "https://aisharedresponsibility.com/glossary/#L3",
      "see_also": "https://aisharedresponsibility.com/framework/#L3",
      "api_url": "https://aisharedresponsibility.com/api/glossary/L3.json"
    },
    {
      "anchor": "L4",
      "canonical_id": "srf.layer.L4",
      "term": "L4: AI Platform",
      "section": "Framework Architecture",
      "layers": [
        "L4"
      ],
      "definition": "The infrastructure and runtime layer. Covers compute, LLM gateways, model routers, guardrail infrastructure, and platform-level IAM.",
      "anchor_url": "https://aisharedresponsibility.com/glossary/#L4",
      "see_also": "https://aisharedresponsibility.com/framework/#L4",
      "api_url": "https://aisharedresponsibility.com/api/glossary/L4.json"
    },
    {
      "anchor": "L5",
      "canonical_id": "srf.layer.L5",
      "term": "L5: AI Model Provider",
      "section": "Framework Architecture",
      "layers": [
        "L5"
      ],
      "definition": "The foundation model and supply-chain layer. Accountable for model security, model cards, vulnerability disclosure, and distribution governance.",
      "anchor_url": "https://aisharedresponsibility.com/glossary/#L5",
      "see_also": "https://aisharedresponsibility.com/framework/#L5",
      "api_url": "https://aisharedresponsibility.com/api/glossary/L5.json"
    },
    {
      "anchor": "persona",
      "canonical_id": "srf.concept.persona",
      "term": "Persona",
      "section": "Framework Architecture",
      "layers": [],
      "definition": "A named stakeholder role in the SRF. There are eight personas, each mapped to one or more layers. Controls assign accountability to exactly one persona.",
      "anchor_url": "https://aisharedresponsibility.com/glossary/#persona",
      "see_also": "https://aisharedresponsibility.com/personas/",
      "api_url": "https://aisharedresponsibility.com/api/glossary/persona.json"
    },
    {
      "anchor": "operating-model",
      "canonical_id": "srf.concept.operating-model",
      "term": "Operating Model",
      "section": "Framework Architecture",
      "layers": [],
      "definition": "One of four deployment archetypes (AI-SaaS, AI-PaaS, Agent-PaaS, IaaS) that determines how L1-L5 accountability shifts between customer and provider.",
      "anchor_url": "https://aisharedresponsibility.com/glossary/#operating-model",
      "see_also": "https://aisharedresponsibility.com/operating-models/",
      "api_url": "https://aisharedresponsibility.com/api/glossary/operating-model.json"
    },
    {
      "anchor": "accountability",
      "canonical_id": "srf.concept.accountability",
      "term": "Accountability",
      "section": "Accountability Rules",
      "layers": [],
      "definition": "The obligation that cannot be delegated; exactly one party holds it per activity. The SRF's central rule: \"shared\" is a valid matrix value during analysis but must resolve to a single named persona in every control.",
      "anchor_url": "https://aisharedresponsibility.com/glossary/#accountability",
      "see_also": null,
      "api_url": "https://aisharedresponsibility.com/api/glossary/accountability.json"
    },
    {
      "anchor": "accountable-party",
      "canonical_id": "srf.concept.accountable-party",
      "term": "Accountable Party",
      "section": "Accountability Rules",
      "layers": [],
      "definition": "The single persona named as accountable for a given control. If a control shows \"shared\" in the responsibility matrix, the accountable party is still the one who cannot transfer the obligation.",
      "anchor_url": "https://aisharedresponsibility.com/glossary/#accountable-party",
      "see_also": null,
      "api_url": "https://aisharedresponsibility.com/api/glossary/accountable-party.json"
    },
    {
      "anchor": "responsibility-cascade",
      "canonical_id": "srf.concept.responsibility-cascade",
      "term": "Responsibility Cascade",
      "section": "Accountability Rules",
      "layers": [],
      "definition": "The principle that security and governance requirements set at L1 propagate downward through L2, L3, L4, and L5. An L1 policy decision constrains every layer below it.",
      "anchor_url": "https://aisharedresponsibility.com/glossary/#responsibility-cascade",
      "see_also": null,
      "api_url": "https://aisharedresponsibility.com/api/glossary/responsibility-cascade.json"
    },
    {
      "anchor": "shared-responsibility",
      "canonical_id": "srf.concept.shared-responsibility",
      "term": "Shared Responsibility",
      "section": "Accountability Rules",
      "layers": [],
      "definition": "A state in the responsibility matrix where both customer and provider carry obligations for a control. Not a final answer: each shared control must still name one accountable persona.",
      "anchor_url": "https://aisharedresponsibility.com/glossary/#shared-responsibility",
      "see_also": null,
      "api_url": "https://aisharedresponsibility.com/api/glossary/shared-responsibility.json"
    },
    {
      "anchor": "raci",
      "canonical_id": "srf.concept.raci",
      "term": "RACI",
      "section": "Accountability Rules",
      "layers": [],
      "definition": "Responsible, Accountable, Consulted, Informed. The SRF applies RACI at the control level but enforces exactly one Accountable owner per row.",
      "anchor_url": "https://aisharedresponsibility.com/glossary/#raci",
      "see_also": null,
      "api_url": "https://aisharedresponsibility.com/api/glossary/raci.json"
    },
    {
      "anchor": "AI-SaaS",
      "canonical_id": "srf.opmodel.ai-saas",
      "term": "AI-SaaS",
      "section": "Operating Models",
      "layers": [],
      "definition": "AI-Enabled SaaS. Provider manages the application (L3), platform (L4), and model (L5). Customer retains L1 governance and L2 data obligations. Lowest customer technical responsibility.",
      "anchor_url": "https://aisharedresponsibility.com/glossary/#AI-SaaS",
      "see_also": "https://aisharedresponsibility.com/operating-models/#AI-SaaS",
      "api_url": "https://aisharedresponsibility.com/api/glossary/AI-SaaS.json"
    },
    {
      "anchor": "AI-PaaS",
      "canonical_id": "srf.opmodel.ai-paas",
      "term": "AI-PaaS",
      "section": "Operating Models",
      "layers": [],
      "definition": "AI Platform as a Service. Customer builds and owns L3. Provider manages L4 and L5. Customer and provider share L2.",
      "anchor_url": "https://aisharedresponsibility.com/glossary/#AI-PaaS",
      "see_also": "https://aisharedresponsibility.com/operating-models/#AI-PaaS",
      "api_url": "https://aisharedresponsibility.com/api/glossary/AI-PaaS.json"
    },
    {
      "anchor": "Agent-PaaS",
      "canonical_id": "srf.opmodel.agent-paas",
      "term": "Agent-PaaS",
      "section": "Operating Models",
      "layers": [],
      "definition": "Agentic Platform as a Service. Customer owns agent definitions and L1 business logic on a provider-managed orchestration runtime. L3 and L5 are shared.",
      "anchor_url": "https://aisharedresponsibility.com/glossary/#Agent-PaaS",
      "see_also": "https://aisharedresponsibility.com/operating-models/#Agent-PaaS",
      "api_url": "https://aisharedresponsibility.com/api/glossary/Agent-PaaS.json"
    },
    {
      "anchor": "IaaS",
      "canonical_id": "srf.opmodel.iaas",
      "term": "IaaS",
      "section": "Operating Models",
      "layers": [],
      "definition": "Infrastructure as a Service. Maximum customer responsibility. Customer owns L1-L3 and most of L5. Provider is accountable only for physical infrastructure within L4.",
      "anchor_url": "https://aisharedresponsibility.com/glossary/#IaaS",
      "see_also": "https://aisharedresponsibility.com/operating-models/#IaaS",
      "api_url": "https://aisharedresponsibility.com/api/glossary/IaaS.json"
    },
    {
      "anchor": "autonomy-level",
      "canonical_id": "srf.concept.autonomy-level",
      "term": "Autonomy Level",
      "section": "Agentic Extensions",
      "layers": [],
      "definition": "A six-point scale (L0-L5) classifying how independently an AI agent acts. L0 = fully human-controlled; L5 = fully autonomous with no human oversight. The autonomy scale is distinct from the architecture layers, which are also labelled L1-L5. Every agentic deployment must declare its autonomy level.",
      "anchor_url": "https://aisharedresponsibility.com/glossary/#autonomy-level",
      "see_also": null,
      "api_url": "https://aisharedresponsibility.com/api/glossary/autonomy-level.json"
    },
    {
      "anchor": "human-override-tier",
      "canonical_id": "srf.concept.human-override-tier",
      "term": "Human Override Tier",
      "section": "Agentic Extensions",
      "layers": [],
      "definition": "A five-point scale (T1-T5) specifying the required human intervention capability for an agentic system. T1 = immediate human takeover at any step; T5 = retrospective audit only. Must be declared alongside autonomy level.",
      "anchor_url": "https://aisharedresponsibility.com/glossary/#human-override-tier",
      "see_also": null,
      "api_url": "https://aisharedresponsibility.com/api/glossary/human-override-tier.json"
    },
    {
      "anchor": "agentic-system",
      "canonical_id": "srf.concept.agentic-system",
      "term": "Agentic System",
      "section": "Agentic Extensions",
      "layers": [],
      "definition": "An AI system that can take multi-step actions, use tools, or operate across sessions with limited human supervision. Agentic systems require autonomy level and human override tier declarations in addition to standard SRF layer assignments.",
      "anchor_url": "https://aisharedresponsibility.com/glossary/#agentic-system",
      "see_also": null,
      "api_url": "https://aisharedresponsibility.com/api/glossary/agentic-system.json"
    },
    {
      "anchor": "control",
      "canonical_id": "srf.concept.control",
      "term": "Control",
      "section": "Evidence & Controls",
      "layers": [],
      "definition": "A specific accountability assignment within a vertical schema. Each control has an ID (e.g. SRF-L1-DEV-001), a layer, an accountable persona, applicable operating models, and an evidence threshold.",
      "anchor_url": "https://aisharedresponsibility.com/glossary/#control",
      "see_also": null,
      "api_url": "https://aisharedresponsibility.com/api/glossary/control.json"
    },
    {
      "anchor": "evidence-threshold",
      "canonical_id": "srf.concept.evidence-threshold",
      "term": "Evidence Threshold",
      "section": "Evidence & Controls",
      "layers": [],
      "definition": "The measurable criterion that satisfies a control. Specifies a metric, operator, parameter, window, and breach action. Used to determine whether accountability is being exercised.",
      "anchor_url": "https://aisharedresponsibility.com/glossary/#evidence-threshold",
      "see_also": null,
      "api_url": "https://aisharedresponsibility.com/api/glossary/evidence-threshold.json"
    },
    {
      "anchor": "ocsf",
      "canonical_id": "srf.concept.ocsf",
      "term": "OCSF",
      "section": "Evidence & Controls",
      "layers": [],
      "definition": "Open Cybersecurity Schema Framework. The evidence schema used to specify what telemetry or log data satisfies a control's evidence requirement.",
      "anchor_url": "https://aisharedresponsibility.com/glossary/#ocsf",
      "see_also": null,
      "api_url": "https://aisharedresponsibility.com/api/glossary/ocsf.json"
    },
    {
      "anchor": "control-schema",
      "canonical_id": "srf.concept.control-schema",
      "term": "Control Schema",
      "section": "Evidence & Controls",
      "layers": [],
      "definition": "The full set of controls for a vertical. Six are published: Financial Services (40 controls), Healthcare (40), Insurance (40), Public Sector (40), Defense (53), Manufacturing (45).",
      "anchor_url": "https://aisharedresponsibility.com/glossary/#control-schema",
      "see_also": null,
      "api_url": "https://aisharedresponsibility.com/api/glossary/control-schema.json"
    },
    {
      "anchor": "persona-ai-system-governance",
      "canonical_id": "srf.role.ai-system-governance",
      "term": "AI System Governance",
      "section": "Personas",
      "layers": [
        "L1"
      ],
      "definition": "Defines security control objectives, measures implementations, and enforces compliance. Includes AI risk officers, compliance teams, and governance boards.",
      "anchor_url": "https://aisharedresponsibility.com/glossary/#persona-ai-system-governance",
      "see_also": "https://aisharedresponsibility.com/personas/#ai-system-governance",
      "api_url": "https://aisharedresponsibility.com/api/glossary/persona-ai-system-governance.json"
    },
    {
      "anchor": "persona-data-provider",
      "canonical_id": "srf.role.data-provider",
      "term": "Data Provider",
      "section": "Personas",
      "layers": [
        "L2"
      ],
      "definition": "Supplies training data, evaluation datasets, or inference data. Includes data aggregators and dataset licensors.",
      "anchor_url": "https://aisharedresponsibility.com/glossary/#persona-data-provider",
      "see_also": "https://aisharedresponsibility.com/personas/#data-provider",
      "api_url": "https://aisharedresponsibility.com/api/glossary/persona-data-provider.json"
    },
    {
      "anchor": "persona-application-developer",
      "canonical_id": "srf.role.application-developer",
      "term": "Application Developer",
      "section": "Personas",
      "layers": [
        "L3"
      ],
      "definition": "Integrates AI models into applications via APIs or embedded models. Accountable for application-level security, input validation, and output filtering.",
      "anchor_url": "https://aisharedresponsibility.com/glossary/#persona-application-developer",
      "see_also": "https://aisharedresponsibility.com/personas/#application-developer",
      "api_url": "https://aisharedresponsibility.com/api/glossary/persona-application-developer.json"
    },
    {
      "anchor": "persona-agentic-platform-provider",
      "canonical_id": "srf.role.agentic-platform-provider",
      "term": "Agentic Platform Provider",
      "section": "Personas",
      "layers": [
        "L3",
        "L4"
      ],
      "definition": "Provides development environments, frameworks, and orchestration runtimes for agentic AI.",
      "anchor_url": "https://aisharedresponsibility.com/glossary/#persona-agentic-platform-provider",
      "see_also": "https://aisharedresponsibility.com/personas/#agentic-platform-provider",
      "api_url": "https://aisharedresponsibility.com/api/glossary/persona-agentic-platform-provider.json"
    },
    {
      "anchor": "persona-ai-platform-provider",
      "canonical_id": "srf.role.ai-platform-provider",
      "term": "AI Platform Provider",
      "section": "Personas",
      "layers": [
        "L4"
      ],
      "definition": "Provides compute, APIs, and platform services for AI model hosting. Includes cloud providers and MLOps platforms.",
      "anchor_url": "https://aisharedresponsibility.com/glossary/#persona-ai-platform-provider",
      "see_also": "https://aisharedresponsibility.com/personas/#ai-platform-provider",
      "api_url": "https://aisharedresponsibility.com/api/glossary/persona-ai-platform-provider.json"
    },
    {
      "anchor": "persona-model-provider",
      "canonical_id": "srf.role.model-provider",
      "term": "Model Provider",
      "section": "Personas",
      "layers": [
        "L5"
      ],
      "definition": "Develops, trains, and tunes foundation models. Accountable for model security, model cards, and vulnerability disclosure.",
      "anchor_url": "https://aisharedresponsibility.com/glossary/#persona-model-provider",
      "see_also": "https://aisharedresponsibility.com/personas/#model-provider",
      "api_url": "https://aisharedresponsibility.com/api/glossary/persona-model-provider.json"
    }
  ]
}
