Latest news with #OpenID


Forbes
10 hours ago
- Business
- Forbes
Operationalizing AI: A CISO's Guide To Adopting MCP With Confidence
CTO at SGNL. Inventor of CAEP. Okta Identity 25 Listee. Standards guy at OpenID. Believes access control is critical to cybersecurity.

The technology world is abuzz with the development of the model context protocol (MCP) because it unlocks powerful interactions between large language models (LLMs) and existing enterprise services. The perils of unauthorized data access, however, can dampen enterprises' enthusiasm for adopting MCP. The result is that the promised productivity benefits of AI are harder to achieve while, at the same time, unauthorized use of internal data by employees using personal AI accounts grows. Here is what your organization can do to adopt AI and MCP with confidence and provide a secure alternative to unauthorized AI usage.

A Quick Recap

Large language models are a popular AI technology. A specialized class of LLMs is 'generative pre-trained transformers' (GPTs). Fundamentally, a GPT's behavior is like autocomplete in a word processor: by looking at the preceding text, it predicts the text that follows. The preceding text is called the context, and the prompt you type is one part of it. The latest versions of GPTs are better at step-by-step reasoning, especially when prompted to 'think step by step,' which lets them break complex questions into logical steps before answering. Some GPT-enabled services (such as ChatGPT with browsing or plugins) integrate external tools that fetch web results and supply them as context for the model to reason over. Other data that users want to bring into the context, they retrieve themselves and provide to the GPT. This is called 'retrieval augmented generation' (RAG), and in enterprises it is often automated by external systems integrated with the LLM.
Instead of this custom retrieval, the model context protocol provides a standardized way for the LLM (i.e., the model) to discover the tools and resources that MCP servers make available to it and to communicate with them to form the context. Hence the name: model context protocol.

Pitfalls In Enterprise Use Of MCP

Everyone is predictably excited about MCP because it unleashes a powerful way to enrich the capabilities of GPTs. If a GPT determines the several steps required to answer a question, it can reach out to the relevant MCP servers to provide the context for each of those steps and generate the answer. The trouble is, how can an enterprise ensure that the data being requested and fetched by the LLM is in fact data the user is permitted to retrieve? If the MCP server can modify data, how can the enterprise ensure the user has permission to make those modifications? While this seems like a simple authorization question, it gets a bit more involved:

• MCP servers cannot run with more access than the requesting user, because each user's permissions may be different. So each MCP query must run with the requesting user's privilege.
• Since user privileges are dynamic (someone working on a specific customer's case today may have no need to access that customer's data tomorrow), MCP servers need to know what a user has access to at the time of the query.
• Enterprises often run in a permissive environment, granting users broad access based on their job function (or, often, their previous job functions too). This frequently includes sensitive customer or internal data. Human users are judicious about how they use such data in their output. Because MCP puts this same access in the hands of LLMs, the same level of judgment probably will not be exercised by the LLM in deciding whether a piece of information should or should not be used.
• Thus, MCP defeats the de facto 'security through obscurity' operating model. Users won't try multiple ways of obtaining information they are not supposed to have, whereas LLMs will try solving the problem in many different ways before giving up. So, if the data is accessible to the MCP server, it will find its way into the answers, revealing information it should not.

Securing MCP usage

Implementing the following strategies can help secure MCP for organizational use:

In order for enterprises to effectively use MCP, they must adopt a 'zero standing privilege' (ZSP) access control strategy. Unlike in the conventional model, with zero standing privilege a user at any given time has access only to the data they need to complete the specific task they are currently working on. This lays the foundation for ensuring that MCP servers do not accidentally supply data that should not be available when producing an answer. ZSP automatically implies a dynamic access control strategy, because it is impossible for anyone to manually update users' permissions to what they need at any given moment. And one more thing: ZSP is great for defending against cyber breaches too, because attackers assuming employee identities are unable to access a lot of data and cause a lot of damage.

LLMs acting on behalf of a user should not be able to discover tools within MCP servers that the requesting user should not have access to at the time of execution. This can be done by ensuring that the 'list tools' call made by the MCP client is authorized using the user's identity, so that the MCP server can hide tools that are not to be used by that user.

MCP servers must execute with the requesting user's privileges, because if they have their own elevated privileges it will be hard for downstream services to figure out what data should or should not be provided. Having the entire chain execute as the user also makes it easier to audit data usage across all systems.

Conclusion

MCP is a promising technology, and harnessing it with the right security guardrails can unleash employee productivity while clamping down on unauthorized AI usage. Adopting a zero standing privilege strategy with appropriate controls over MCP servers can help organizations deploy MCP with confidence.
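The three controls the article recommends (time-bound, task-scoped grants instead of standing privilege; a 'list tools' call filtered by the caller's identity; re-authorization at execution time with the call running as the user and leaving an audit trail) can be modelled in a few dozen lines. The following is an added example written for this page, not code from the article or from any MCP SDK: the grant store, tool names, user names and the fixed clock are all constructed for illustration, and the server-side logic is shown as plain Python functions rather than real MCP protocol handlers.

```python
"""Added example (not from the Forbes article): an in-memory model of an MCP
server's authorization layer built on zero standing privilege.
  1. A user holds only time-bound, task-scoped grants (no standing access).
  2. list_tools is authorized with the caller's identity, so tools the user
     cannot use right now are not even discoverable.
  3. call_tool re-checks the grant at execution time, runs the handler in the
     user's context, and writes an audit record for every decision.
All users, tools, grants and timestamps below are constructed sample data."""

from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
from typing import Callable


@dataclass(frozen=True)
class Grant:
    """A task-scoped, expiring permission: the unit of access under ZSP."""
    tool: str            # tool the grant allows, e.g. "crm.read_case"
    resource: str        # resource scope, e.g. "customer:acme" or "*"
    expires_at: datetime

    def covers(self, tool: str, resource: str, now: datetime) -> bool:
        return (self.tool == tool
                and self.resource in ("*", resource)
                and now < self.expires_at)


@dataclass
class ToolRegistry:
    # tool name -> handler(user, resource); handlers receive the user so that
    # downstream calls run as that user rather than with server privilege.
    tools: dict[str, Callable[[str, str], str]] = field(default_factory=dict)


@dataclass
class McpAuthz:
    registry: ToolRegistry
    grants: dict[str, list[Grant]] = field(default_factory=dict)  # user -> grants
    audit: list[dict] = field(default_factory=list)
    clock: Callable[[], datetime] = lambda: datetime.now(timezone.utc)

    def grant_for_task(self, user: str, tool: str, resource: str, ttl: timedelta) -> None:
        """Issue a just-in-time grant; nothing is held beyond ttl."""
        self.grants.setdefault(user, []).append(Grant(tool, resource, self.clock() + ttl))

    def _allowed(self, user: str, tool: str, resource: str) -> bool:
        now = self.clock()
        return any(g.covers(tool, resource, now) for g in self.grants.get(user, []))

    def list_tools(self, user: str) -> list[str]:
        """Authorized discovery: only tools the user holds a live grant for."""
        now = self.clock()
        return sorted(name for name in self.registry.tools
                      if any(g.tool == name and now < g.expires_at
                             for g in self.grants.get(user, [])))

    def call_tool(self, user: str, tool: str, resource: str) -> str:
        """Re-authorize at execution time; never fall back to server privilege."""
        ok = tool in self.registry.tools and self._allowed(user, tool, resource)
        self.audit.append({"user": user, "tool": tool, "resource": resource,
                           "decision": "allow" if ok else "deny",
                           "at": self.clock().isoformat()})
        if not ok:
            raise PermissionError(f"{user} may not call {tool} on {resource}")
        return self.registry.tools[tool](user, resource)


def demo() -> dict:
    """Walk through the controls with constructed data and return what was observed."""
    t0 = datetime(2025, 1, 1, 9, 0, tzinfo=timezone.utc)
    now = [t0]  # mutable fake clock so the demo can advance time
    registry = ToolRegistry({
        "crm.read_case": lambda user, res: f"case data for {res} (as {user})",
        "crm.update_case": lambda user, res: f"updated {res} (as {user})",
        "hr.salary_lookup": lambda user, res: f"salary of {res} (as {user})",
    })
    authz = McpAuthz(registry, clock=lambda: now[0])
    # Alice is assigned the Acme case for the morning: one read grant, nothing else.
    authz.grant_for_task("alice", "crm.read_case", "customer:acme", timedelta(hours=4))

    visible = authz.list_tools("alice")  # hr.salary_lookup is not even discoverable
    read_ok = authz.call_tool("alice", "crm.read_case", "customer:acme")
    try:
        authz.call_tool("alice", "crm.read_case", "customer:globex")  # outside task scope
        cross_customer = "allowed"
    except PermissionError:
        cross_customer = "denied"
    now[0] = t0 + timedelta(hours=5)  # the task window has closed
    visible_later = authz.list_tools("alice")
    denied = [a for a in authz.audit if a["decision"] == "deny"]
    return {"visible": visible, "read_ok": read_ok, "cross_customer": cross_customer,
            "visible_later": visible_later, "denied_count": len(denied)}


if __name__ == "__main__":
    print(demo())
```

The point worth noticing is that `list_tools` and `call_tool` consult the same grant store at the moment of the call, so a grant that expires between discovery and execution is denied at execution, and the denial is recorded with the user identity rather than a shared server identity, which is what makes the audit trail the article mentions possible.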
Yahoo
22-04-2025
- Business
- Yahoo
OpenAP's TV network owners push ahead on interoperable streaming ads
This story was originally published on Marketing Dive.

Ad tech company OpenAP's new Open Identity cross-platform identity solution will go live in May. The solution is designed to enable advertisers to identify single audiences across publishers, streamers and data providers, according to a press release. Acxiom, DeepSync, Experian, LiveRamp and TransUnion are on board and have agreed to standardize their data for use with the Open Identity offering. OpenAP is owned by Fox, NBCUniversal, Paramount and Warner Bros. Discovery. The company described Open Identity as an evolution of its OpenID common TV identifier that goes further by enabling direct matching of identity data for more seamless usage by advertisers.

In an increasingly fragmented media landscape, the quest for the perfect cross-platform audience targeting model continues. On the heels of agencies and data companies offering consumer identity solutions, Open Identity is a bid by the TV networks that own OpenAP to show they have something to offer as well. They aren't alone: The Association of National Advertisers is expected to roll out a beta test of its Aquila measurement solution in the near future, according to MediaPost. OpenAP's stakeholders assert that the Open Identity product has a strong point of differentiation because it was developed by TV broadcasters who know that advertisers want enhanced options for premium video. 'The workflow of the future for streaming video must be interoperable and data must connect seamlessly across all data providers, publishers, platforms and currencies,' said OpenAP CEO David Levy, in a statement.

Once the product is live, publishers and data providers will connect their data sets to OpenAP's data clean room, which will allow advertisers to compose audiences with identity information across the industry without any additional 'crosswalks,' according to OpenAP. Advertisers and publishers will then use Open Identity to define the identity providers they want to use on a campaign as well as the business logic that governs targeting and measurement.

The news is the latest example of the premium that the marketing and advertising industry has placed on data. Earlier this month, WPP acquired data collaboration platform InfoSum in a bid to boost the holding company's AI-powered data intelligence and consumer identity capabilities. That acquisition followed Publicis Groupe's purchase of identity solutions firm Lotame for similar purposes.