Skip to content

AARM Alignment

AARM (Autonomous Action Runtime Management) is an open system specification from the Cloud Security Alliance for securing AI-driven actions at runtime — intercept, authorize, and audit before execution.

This page maps AARM concepts to sections of the MLSecOps Practical Reference Guide. It is complementary alignment, not an official AARM document or conformance claim. For normative requirements, use the AARM specification.


Mapping

AARM MLSecOps
Runtime Authorization Chapter 8 — Agentic AI Security
Context Chapter 7 (retrieval / prompt context) · Chapter 8 (agent memory) · Chapter 11 — Evidence Pack (audit receipts)
Intent Intent Gate (Ch.8)
Runtime Monitoring Chapter 10 — Monitoring, SOC, and IR
Threat Model Chapter 2 — Scope and Threat Model
Implementation Appendix E — Implementation Reference

AARM requirements (quick cross-ref)

AARM requirement MLSecOps pointer
R1 Pre-execution interception Ch.8 — Intent Gate, tool policy
R2 Context accumulation Ch.7, Ch.8
R3 Policy + intent alignment Ch.8 — Intent Gate
R4 Authorization decisions (allow / deny / modify / step-up / defer) Ch.8 — HITL, scoped tools
R5 Tamper-evident receipts Ch.11 — Evidence Pack
R6 Identity binding Ch.2, Ch.8
R7 Semantic distance / intent drift (Extended) Ch.8, Ch.10
R8 Telemetry export (Extended) Ch.10
R9 Least-privilege enforcement (Extended) Ch.8 — scoped tools, MCP


Alignment page · MLSecOps Practical Reference Guide · not an AARM conformance statement