> For the complete documentation index, see [llms.txt](https://yeasy.gitbook.io/ai_security_guide/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://yeasy.gitbook.io/ai_security_guide/di-yi-bu-fen-ji-chu-pian/03_frameworks.md). # 第三章 安全框架与标准 随着 LLM 安全问题日益受到重视,业界已经形成了一系列安全框架和标准,为评估和防护 LLM 安全提供了系统化的指导。本章将介绍最具影响力的安全框架,帮助读者建立结构化的安全思维。 本章聚焦于 LLM 安全的框架与标准,主要内容包括: * **3.1 OWASP 大语言模型十大风险解析**:深入解读业界广泛采用的 LLM 安全风险清单 * **3.2 NIST AI 风险管理框架**:了解美国国家标准技术研究院的 AI 风险管理方法 * **3.3 行业安全标准与最佳实践**:汇总各行业的 LLM 安全要求 * **3.4 MITRE ATLAS:AI 系统对抗战术与技术矩阵**:以攻击者视角组织 AI 攻击 TTP,与 OWASP、NIST 形成“风险—治理—对抗”三视角 通过本章的学习,读者将掌握评估 LLM 安全的系统方法,能够将这些框架应用于实际的安全实践中。 ```mermaid graph LR subgraph "LLM 安全框架体系" A["OWASP LLM Top 10"] --> D["安全评估"] B["NIST AI RMF"] --> D C["行业标准"] --> D G["MITRE ATLAS"] --> D D --> E["安全成熟度"] E --> F["持续改进"] end ``` --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://yeasy.gitbook.io/ai_security_guide/di-yi-bu-fen-ji-chu-pian/03_frameworks.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.