|
Work item:
|
X.srm-AIphs
|
|
Subject/title:
|
Security requirements and measures for AI agent-enabled public health services
|
|
Status:
|
|
|
Approval process:
|
TAP
|
|
Type of work item:
|
Recommendation
|
|
Version:
|
New
|
|
Equivalent number:
|
-
|
|
Timing:
|
-
|
|
Liaison:
|
ITU-T SG20, ITU-T SG21, ISO/IEC JTC1/SC27
|
|
Supporting members:
|
Beijing University of Posts and Telecommunications(BUPT), China Unicom, Electronics and Telecommunications Research Institute (ETRI), Alibaba Corporation
|
|
Summary:
|
Artificial intelligence (AI) agent-enabled public health services system enables proactive health management and emergency response. It leverages autonomous agents to perceive complex environments and make decisions through heterogeneous IoT devices. To meet stringent ethical and data protection requirements, the system adopts a specialized reference architecture that incorporates secure data management and continuous closed-loop safety validation for cross-domain health services.
However, the operation of such a highly specialized and interconnected medical architecture introduces unique and complex attack surfaces. Vulnerabilities in the extensive device and network infrastructure significantly expand the potential intrusion perimeter, which may lead to device compromise and bottom-up data poisoning. In addition, the intelligent cognitive and collaborative core of the system inctroduces further critical vulnerabilities. The inherent characteristics of the system, including autonomous multi-agent collaboration and high-dimensional IoT interconnectivity, gibve rise to specific security threats such as decision-making abuse, cross-regional orchestration hijacking, malicious automated workflows, and erroneous service interventions.
Therefore, it's necessary to analyze the security threats and requirements of AI agent-enabled public health services to ensure their secure operation.
This draft Recommendation analyzes the specific security threats and security requirements of AI agent-enabled public health services and specifies appropriate security measures.
|
|
Comment:
|
-
|
|
Reference(s):
|
|
|
Historic references:
|
|
Contact(s):
|
|
| ITU-T A.5 justification(s): |
|
|
|
|
First registration in the WP:
2026-04-02 14:16:09
|
|
Last update:
2026-04-02 17:51:03
|
|
