A Zero-Trust, AI-RMF–Governed Architecture for LLM-Enabled Telemedicine-as-a-Service: Mitigating Poisoning, Leakage and Unsafe-Output Threats

Julio Yair Rivera; Ángel D. Pinto Mangones; Nelson A. Pérez García; Mónica Karel Huerta; César Viloria Núñez; Frank Ibarra Hernández; Juan Torres Tovio; Horderlin Robles Vega; Jorge Enrique De la Rosa Pareja

doi:10.1109/CLEI67442.2025.11420318

A Zero-Trust, AI-RMF–Governed Architecture for LLM-Enabled Telemedicine-as-a-Service: Mitigating Poisoning, Leakage and Unsafe-Output Threats

Julio Yair Rivera
, Ángel D. Pinto Mangones
, Nelson A. Pérez García
, Mónica Karel Huerta
, César Viloria Núñez
, Frank Ibarra Hernández
, Juan Torres Tovio
, Horderlin Robles Vega
, Jorge Enrique De la Rosa Pareja

Sede Cuenca

Producción científica: Capítulo del libro/informe/acta de congreso › Contribución de conferencia › revisión exhaustiva

Resumen

Large-Language-Model (LLM) functionality is rapidly becoming a cornerstone of Telemedicine-as-a-Service (PGaaS) platforms. Recent Q1 studies demonstrate that even minuscule training-set or parameter perturbations can introduce persistent back-doors, while inference pipelines leak protected health information (PHI) if left unguarded. Building on the NIST AI Risk Management Framework (AI RMF), this paper proposes and implements a zero-trust, multi-cloud security architecture that couples (i) knowledge-graph–driven data-integrity validation, (ii) containerised fine-tuning isolation, (iii) AI-RMF–centred governance and continuous risk registers, (iv) a privacy-preserving response-sanitisation gateway enhanced with one-time-password (OTP) and KYC identity binding, and (v) remote-attestation-backed zero-knowledge-proof (ZKP) integrity challenges for model weights at runtime. An extensive multi-cloud evaluation shows that the framework detects 94.6 % of tainted samples before ingestion and blocks 91.3 % of unsafe outputs, with a median latency overhead of 66 ms—well below clinical tele-consultation thresholds.

Idioma original	Inglés
Título de la publicación alojada	Proceedings - 2025 51st Latin American Computer Conference, CLEI 2025
Editorial	Institute of Electrical and Electronics Engineers Inc.
ISBN (versión digital)	9798331594534
DOI	https://doi.org/10.1109/CLEI67442.2025.11420318
Estado	Publicada - 2025
Evento	51st Latin American Computer Conference, CLEI 2025 - Valparaiso, Chile Duración: 27 oct. 2025 → 31 oct. 2025

Serie de la publicación

Nombre	Proceedings - 2025 51st Latin American Computer Conference, CLEI 2025

Conferencia

Conferencia	51st Latin American Computer Conference, CLEI 2025
País/Territorio	Chile
Ciudad	Valparaiso
Período	27/10/25 → 31/10/25

Nota bibliográfica

Publisher Copyright:
© 2025 IEEE.

Acceder al documento

10.1109/CLEI67442.2025.11420318

Otros archivos y enlaces

Enlace a la publicación en Scopus

Citar esto

Yair Rivera, J., Pinto Mangones, Á. D., Pérez García, N. A., Huerta, M. K., Viloria Núñez, C., Ibarra Hernández, F., Torres Tovio, J., Robles Vega, H., & De la Rosa Pareja, J. E. (2025). A Zero-Trust, AI-RMF–Governed Architecture for LLM-Enabled Telemedicine-as-a-Service: Mitigating Poisoning, Leakage and Unsafe-Output Threats. En Proceedings - 2025 51st Latin American Computer Conference, CLEI 2025 (Proceedings - 2025 51st Latin American Computer Conference, CLEI 2025). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/CLEI67442.2025.11420318

Yair Rivera, Julio ; Pinto Mangones, Ángel D. ; Pérez García, Nelson A. et al. / A Zero-Trust, AI-RMF–Governed Architecture for LLM-Enabled Telemedicine-as-a-Service : Mitigating Poisoning, Leakage and Unsafe-Output Threats. Proceedings - 2025 51st Latin American Computer Conference, CLEI 2025. Institute of Electrical and Electronics Engineers Inc., 2025. (Proceedings - 2025 51st Latin American Computer Conference, CLEI 2025).

@inproceedings{f6b4a2a0bb2c431b8e3ac8d288e0c82b,

title = "A Zero-Trust, AI-RMF–Governed Architecture for LLM-Enabled Telemedicine-as-a-Service: Mitigating Poisoning, Leakage and Unsafe-Output Threats",

abstract = "Large-Language-Model (LLM) functionality is rapidly becoming a cornerstone of Telemedicine-as-a-Service (PGaaS) platforms. Recent Q1 studies demonstrate that even minuscule training-set or parameter perturbations can introduce persistent back-doors, while inference pipelines leak protected health information (PHI) if left unguarded. Building on the NIST AI Risk Management Framework (AI RMF), this paper proposes and implements a zero-trust, multi-cloud security architecture that couples (i) knowledge-graph–driven data-integrity validation, (ii) containerised fine-tuning isolation, (iii) AI-RMF–centred governance and continuous risk registers, (iv) a privacy-preserving response-sanitisation gateway enhanced with one-time-password (OTP) and KYC identity binding, and (v) remote-attestation-backed zero-knowledge-proof (ZKP) integrity challenges for model weights at runtime. An extensive multi-cloud evaluation shows that the framework detects 94.6 \% of tainted samples before ingestion and blocks 91.3 \% of unsafe outputs, with a median latency overhead of 66 ms—well below clinical tele-consultation thresholds.",

keywords = "AI Risk Management Framework, Cloud Security, Data/Weight Poisoning, KYC, Large Language Models, OTP, OWASP LLM Top-10, PGaaS, Privacy Preservation, Telemedicine, Zero Trust, ZKP",

author = "\{Yair Rivera\}, Julio and \{Pinto Mangones\}, \{{\'A}ngel D.\} and \{P{\'e}rez Garc{\'i}a\}, \{Nelson A.\} and Huerta, \{M{\'o}nica Karel\} and \{Viloria N{\'u}{\~n}ez\}, C{\'e}sar and \{Ibarra Hern{\'a}ndez\}, Frank and \{Torres Tovio\}, Juan and \{Robles Vega\}, Horderlin and \{De la Rosa Pareja\}, \{Jorge Enrique\}",

note = "Publisher Copyright: {\textcopyright} 2025 IEEE.; 51st Latin American Computer Conference, CLEI 2025 ; Conference date: 27-10-2025 Through 31-10-2025",

year = "2025",

doi = "10.1109/CLEI67442.2025.11420318",

language = "English",

series = "Proceedings - 2025 51st Latin American Computer Conference, CLEI 2025",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

booktitle = "Proceedings - 2025 51st Latin American Computer Conference, CLEI 2025",

address = "United States",

}

Yair Rivera, J, Pinto Mangones, ÁD, Pérez García, NA, Huerta, MK, Viloria Núñez, C, Ibarra Hernández, F, Torres Tovio, J, Robles Vega, H & De la Rosa Pareja, JE 2025, A Zero-Trust, AI-RMF–Governed Architecture for LLM-Enabled Telemedicine-as-a-Service: Mitigating Poisoning, Leakage and Unsafe-Output Threats. En Proceedings - 2025 51st Latin American Computer Conference, CLEI 2025. Proceedings - 2025 51st Latin American Computer Conference, CLEI 2025, Institute of Electrical and Electronics Engineers Inc., 51st Latin American Computer Conference, CLEI 2025, Valparaiso, Chile, 27/10/25. https://doi.org/10.1109/CLEI67442.2025.11420318

A Zero-Trust, AI-RMF–Governed Architecture for LLM-Enabled Telemedicine-as-a-Service: Mitigating Poisoning, Leakage and Unsafe-Output Threats. / Yair Rivera, Julio; Pinto Mangones, Ángel D.; Pérez García, Nelson A. et al.
Proceedings - 2025 51st Latin American Computer Conference, CLEI 2025. Institute of Electrical and Electronics Engineers Inc., 2025. (Proceedings - 2025 51st Latin American Computer Conference, CLEI 2025).

Producción científica: Capítulo del libro/informe/acta de congreso › Contribución de conferencia › revisión exhaustiva

TY - GEN

T1 - A Zero-Trust, AI-RMF–Governed Architecture for LLM-Enabled Telemedicine-as-a-Service

T2 - 51st Latin American Computer Conference, CLEI 2025

AU - Yair Rivera, Julio

AU - Pinto Mangones, Ángel D.

AU - Pérez García, Nelson A.

AU - Huerta, Mónica Karel

AU - Viloria Núñez, César

AU - Ibarra Hernández, Frank

AU - Torres Tovio, Juan

AU - Robles Vega, Horderlin

AU - De la Rosa Pareja, Jorge Enrique

PY - 2025

Y1 - 2025

N2 - Large-Language-Model (LLM) functionality is rapidly becoming a cornerstone of Telemedicine-as-a-Service (PGaaS) platforms. Recent Q1 studies demonstrate that even minuscule training-set or parameter perturbations can introduce persistent back-doors, while inference pipelines leak protected health information (PHI) if left unguarded. Building on the NIST AI Risk Management Framework (AI RMF), this paper proposes and implements a zero-trust, multi-cloud security architecture that couples (i) knowledge-graph–driven data-integrity validation, (ii) containerised fine-tuning isolation, (iii) AI-RMF–centred governance and continuous risk registers, (iv) a privacy-preserving response-sanitisation gateway enhanced with one-time-password (OTP) and KYC identity binding, and (v) remote-attestation-backed zero-knowledge-proof (ZKP) integrity challenges for model weights at runtime. An extensive multi-cloud evaluation shows that the framework detects 94.6 % of tainted samples before ingestion and blocks 91.3 % of unsafe outputs, with a median latency overhead of 66 ms—well below clinical tele-consultation thresholds.

AB - Large-Language-Model (LLM) functionality is rapidly becoming a cornerstone of Telemedicine-as-a-Service (PGaaS) platforms. Recent Q1 studies demonstrate that even minuscule training-set or parameter perturbations can introduce persistent back-doors, while inference pipelines leak protected health information (PHI) if left unguarded. Building on the NIST AI Risk Management Framework (AI RMF), this paper proposes and implements a zero-trust, multi-cloud security architecture that couples (i) knowledge-graph–driven data-integrity validation, (ii) containerised fine-tuning isolation, (iii) AI-RMF–centred governance and continuous risk registers, (iv) a privacy-preserving response-sanitisation gateway enhanced with one-time-password (OTP) and KYC identity binding, and (v) remote-attestation-backed zero-knowledge-proof (ZKP) integrity challenges for model weights at runtime. An extensive multi-cloud evaluation shows that the framework detects 94.6 % of tainted samples before ingestion and blocks 91.3 % of unsafe outputs, with a median latency overhead of 66 ms—well below clinical tele-consultation thresholds.

KW - AI Risk Management Framework

KW - Cloud Security

KW - Data/Weight Poisoning

KW - KYC

KW - Large Language Models

KW - OTP

KW - OWASP LLM Top-10

KW - PGaaS

KW - Privacy Preservation

KW - Telemedicine

KW - Zero Trust

KW - ZKP

UR - https://www.scopus.com/pages/publications/105037107131

U2 - 10.1109/CLEI67442.2025.11420318

DO - 10.1109/CLEI67442.2025.11420318

M3 - Conference contribution

AN - SCOPUS:105037107131

T3 - Proceedings - 2025 51st Latin American Computer Conference, CLEI 2025

BT - Proceedings - 2025 51st Latin American Computer Conference, CLEI 2025

PB - Institute of Electrical and Electronics Engineers Inc.

Y2 - 27 October 2025 through 31 October 2025

ER -

Yair Rivera J, Pinto Mangones ÁD, Pérez García NA, Huerta MK, Viloria Núñez C, Ibarra Hernández F et al. A Zero-Trust, AI-RMF–Governed Architecture for LLM-Enabled Telemedicine-as-a-Service: Mitigating Poisoning, Leakage and Unsafe-Output Threats. En Proceedings - 2025 51st Latin American Computer Conference, CLEI 2025. Institute of Electrical and Electronics Engineers Inc. 2025. (Proceedings - 2025 51st Latin American Computer Conference, CLEI 2025). doi: 10.1109/CLEI67442.2025.11420318

A Zero-Trust, AI-RMF–Governed Architecture for LLM-Enabled Telemedicine-as-a-Service: Mitigating Poisoning, Leakage and Unsafe-Output Threats

Resumen

Serie de la publicación

Conferencia

Nota bibliográfica

Acceder al documento

Otros archivos y enlaces

Huella

Citar esto