{"id":"https://openalex.org/W7128213433","doi":"https://doi.org/10.3390/jcp6010027","title":"Securing Generative AI Systems: Threat-Centric Architectures and the Impact of Divergent EU\u2013US Governance Regimes","display_name":"Securing Generative AI Systems: Threat-Centric Architectures and the Impact of Divergent EU\u2013US Governance Regimes","publication_year":2026,"publication_date":"2026-02-06","ids":{"openalex":"https://openalex.org/W7128213433","doi":"https://doi.org/10.3390/jcp6010027"},"language":"en","primary_location":{"id":"doi:10.3390/jcp6010027","is_oa":true,"landing_page_url":"https://doi.org/10.3390/jcp6010027","pdf_url":"https://www.mdpi.com/2624-800X/6/1/27/pdf?version=1770806138","source":{"id":"https://openalex.org/S4210232532","display_name":"Journal of Cybersecurity and Privacy","issn_l":"2624-800X","issn":["2624-800X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Cybersecurity and Privacy","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://www.mdpi.com/2624-800X/6/1/27/pdf?version=1770806138","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5122786892","display_name":"Vijay Kanabar","orcid":null},"institutions":[{"id":"https://openalex.org/I111088046","display_name":"Boston University","ror":"https://ror.org/05qwgg493","country_code":"US","type":"education","lineage":["https://openalex.org/I111088046"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Vijay Kanabar","raw_affiliation_strings":["Metropolitan College, Boston University, Boston, MA 02215, USA"],"affiliations":[{"raw_affiliation_string":"Metropolitan College, Boston University, Boston, MA 02215, USA","institution_ids":["https://openalex.org/I111088046"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5080105035","display_name":"Kalinka Kaloyanova","orcid":"https://orcid.org/0000-0003-0222-7607"},"institutions":[{"id":"https://openalex.org/I24768866","display_name":"Bulgarian Academy of Sciences","ror":"https://ror.org/01x8hew03","country_code":"BG","type":"government","lineage":["https://openalex.org/I24768866"]},{"id":"https://openalex.org/I4210105926","display_name":"Institute of Mathematics and Informatics","ror":"https://ror.org/01b5dy719","country_code":"BG","type":"facility","lineage":["https://openalex.org/I24768866","https://openalex.org/I4210105926"]},{"id":"https://openalex.org/I58918642","display_name":"Sofia University \"St. Kliment Ohridski\"","ror":"https://ror.org/02jv3k292","country_code":"BG","type":"education","lineage":["https://openalex.org/I58918642"]}],"countries":["BG"],"is_corresponding":true,"raw_author_name":"Kalinka Kaloyanova","raw_affiliation_strings":["Faculty of Mathematics and Informatics, Sofia University \u201cSt. Kliment Ohridski\u201d, 5 J. Bourchier Blvd., 1164 Sofia, Bulgaria","Institute of Mathematics and Informatics, Bulgarian Academy of Science, Acad. G. Bonchev Str., Bl. 8, 1113 Sofia, Bulgaria"],"affiliations":[{"raw_affiliation_string":"Faculty of Mathematics and Informatics, Sofia University \u201cSt. Kliment Ohridski\u201d, 5 J. Bourchier Blvd., 1164 Sofia, Bulgaria","institution_ids":["https://openalex.org/I58918642"]},{"raw_affiliation_string":"Institute of Mathematics and Informatics, Bulgarian Academy of Science, Acad. G. Bonchev Str., Bl. 8, 1113 Sofia, Bulgaria","institution_ids":["https://openalex.org/I24768866","https://openalex.org/I4210105926"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5080105035"],"corresponding_institution_ids":["https://openalex.org/I24768866","https://openalex.org/I4210105926","https://openalex.org/I58918642"],"apc_list":{"value":1000,"currency":"CHF","value_usd":1082},"apc_paid":{"value":1000,"currency":"CHF","value_usd":1082},"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.47913877,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"6","issue":"1","first_page":"27","last_page":"27"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.3564999997615814,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.3564999997615814,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.2694000005722046,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.10649999976158142,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.7113000154495239},{"id":"https://openalex.org/keywords/generative-grammar","display_name":"Generative grammar","score":0.640999972820282},{"id":"https://openalex.org/keywords/limiting","display_name":"Limiting","score":0.5364000201225281},{"id":"https://openalex.org/keywords/corporate-governance","display_name":"Corporate governance","score":0.5336999893188477},{"id":"https://openalex.org/keywords/probabilistic-logic","display_name":"Probabilistic logic","score":0.5315999984741211},{"id":"https://openalex.org/keywords/divergence","display_name":"Divergence (linguistics)","score":0.4828999936580658},{"id":"https://openalex.org/keywords/baseline","display_name":"Baseline (sea)","score":0.4519999921321869},{"id":"https://openalex.org/keywords/core","display_name":"Core (optical fiber)","score":0.426800012588501}],"concepts":[{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.7113000154495239},{"id":"https://openalex.org/C39890363","wikidata":"https://www.wikidata.org/wiki/Q36108","display_name":"Generative grammar","level":2,"score":0.640999972820282},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6212000250816345},{"id":"https://openalex.org/C188198153","wikidata":"https://www.wikidata.org/wiki/Q1613840","display_name":"Limiting","level":2,"score":0.5364000201225281},{"id":"https://openalex.org/C39389867","wikidata":"https://www.wikidata.org/wiki/Q380767","display_name":"Corporate governance","level":2,"score":0.5336999893188477},{"id":"https://openalex.org/C49937458","wikidata":"https://www.wikidata.org/wiki/Q2599292","display_name":"Probabilistic logic","level":2,"score":0.5315999984741211},{"id":"https://openalex.org/C207390915","wikidata":"https://www.wikidata.org/wiki/Q1230525","display_name":"Divergence (linguistics)","level":2,"score":0.4828999936580658},{"id":"https://openalex.org/C12725497","wikidata":"https://www.wikidata.org/wiki/Q810247","display_name":"Baseline (sea)","level":2,"score":0.4519999921321869},{"id":"https://openalex.org/C2164484","wikidata":"https://www.wikidata.org/wiki/Q5170150","display_name":"Core (optical fiber)","level":2,"score":0.426800012588501},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.41190001368522644},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.37549999356269836},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.3725000023841858},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.34769999980926514},{"id":"https://openalex.org/C123657996","wikidata":"https://www.wikidata.org/wiki/Q12271","display_name":"Architecture","level":2,"score":0.34450000524520874},{"id":"https://openalex.org/C53619493","wikidata":"https://www.wikidata.org/wiki/Q4787093","display_name":"Architecture framework","level":3,"score":0.3398999869823456},{"id":"https://openalex.org/C166052673","wikidata":"https://www.wikidata.org/wiki/Q83021","display_name":"Empirical evidence","level":2,"score":0.3188000023365021},{"id":"https://openalex.org/C58642233","wikidata":"https://www.wikidata.org/wiki/Q8269924","display_name":"Taxonomy (biology)","level":2,"score":0.3158000111579895},{"id":"https://openalex.org/C184356942","wikidata":"https://www.wikidata.org/wiki/Q830382","display_name":"Best practice","level":2,"score":0.31439998745918274},{"id":"https://openalex.org/C2775924081","wikidata":"https://www.wikidata.org/wiki/Q55608371","display_name":"Control (management)","level":2,"score":0.29980000853538513},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.28999999165534973},{"id":"https://openalex.org/C120936955","wikidata":"https://www.wikidata.org/wiki/Q2155640","display_name":"Empirical research","level":2,"score":0.2896000146865845},{"id":"https://openalex.org/C2779343474","wikidata":"https://www.wikidata.org/wiki/Q3109175","display_name":"Context (archaeology)","level":2,"score":0.2824000120162964},{"id":"https://openalex.org/C2776214188","wikidata":"https://www.wikidata.org/wiki/Q408386","display_name":"Inference","level":2,"score":0.27090001106262207},{"id":"https://openalex.org/C12174686","wikidata":"https://www.wikidata.org/wiki/Q1058438","display_name":"Risk assessment","level":2,"score":0.26179999113082886}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.3390/jcp6010027","is_oa":true,"landing_page_url":"https://doi.org/10.3390/jcp6010027","pdf_url":"https://www.mdpi.com/2624-800X/6/1/27/pdf?version=1770806138","source":{"id":"https://openalex.org/S4210232532","display_name":"Journal of Cybersecurity and Privacy","issn_l":"2624-800X","issn":["2624-800X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Cybersecurity and Privacy","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:b26e106c417b4d089117d689c6dc8639","is_oa":true,"landing_page_url":"https://doaj.org/article/b26e106c417b4d089117d689c6dc8639","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Journal of Cybersecurity and Privacy, Vol 6, Iss 1, p 27 (2026)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.3390/jcp6010027","is_oa":true,"landing_page_url":"https://doi.org/10.3390/jcp6010027","pdf_url":"https://www.mdpi.com/2624-800X/6/1/27/pdf?version=1770806138","source":{"id":"https://openalex.org/S4210232532","display_name":"Journal of Cybersecurity and Privacy","issn_l":"2624-800X","issn":["2624-800X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Cybersecurity and Privacy","raw_type":"journal-article"},"sustainable_development_goals":[{"score":0.40472620725631714,"id":"https://metadata.un.org/sdg/17","display_name":"Partnerships for the goals"}],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W7128213433.pdf","grobid_xml":"https://content.openalex.org/works/W7128213433.grobid-xml"},"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"Generative":[0],"AI":[1,60],"(GenAI)":[2],"systems":[3],"are":[4,96],"increasingly":[5],"deployed":[6],"across":[7],"high-impact":[8],"sectors,":[9],"introducing":[10],"security":[11,94,119],"risks":[12,95],"that":[13,49,91,123],"fundamentally":[14],"differ":[15],"from":[16],"those":[17],"of":[18,58,104,114],"traditional":[19],"software.":[20],"Their":[21],"probabilistic":[22],"behavior,":[23,66],"emergent":[24],"failure":[25],"modes,":[26],"and":[27,34,40,70,83,106,121],"expanded":[28],"attack":[29],"surface,":[30],"particularly":[31],"through":[32],"retrieval":[33,67],"tool":[35],"integration,":[36],"complicate":[37],"threat":[38],"modeling":[39],"control":[41],"assurance.":[42],"This":[43],"paper":[44],"presents":[45],"a":[46],"threat-centric":[47],"analysis":[48],"maps":[50],"adversarial":[51],"techniques":[52],"to":[53],"the":[54,78,102,112,130],"core":[55],"architectural":[56],"layers":[57],"generative":[59],"systems,":[61],"including":[62],"training":[63],"pipelines,":[64],"model":[65],"mechanisms,":[68],"orchestration,":[69],"runtime":[71],"interaction.":[72],"Using":[73],"established":[74],"taxonomies":[75],"such":[76],"as":[77,129],"OWASP":[79],"LLM":[80],"Top":[81],"10":[82],"MITRE":[84],"ATLAS":[85],"alongside":[86],"empirical":[87],"research,":[88],"we":[89],"show":[90],"many":[92],"GenAI":[93,118],"structural":[97],"rather":[98],"than":[99],"configurable,":[100],"limiting":[101],"effectiveness":[103],"perimeter-based":[105],"policy-only":[107],"controls.":[108],"We":[109],"additionally":[110],"analyze":[111],"impact":[113],"regulatory":[115],"divergence":[116],"on":[117],"architecture":[120],"find":[122],"EU":[124],"frameworks":[125],"serve":[126],"in":[127],"practice":[128],"highest":[131],"common":[132],"technical":[133],"baseline":[134],"for":[135],"transatlantic":[136],"deployments.":[137]},"counts_by_year":[],"updated_date":"2026-03-11T06:11:40.159057","created_date":"2026-02-08T00:00:00"}