arxiv: 2604.10473 · v1 · submitted 2026-04-12 · 💻 cs.CR

Recognition: unknown

AI Identification: An Integrated Framework for Sustainable Governance in Digital Enterprises

Di Kevin Gao , Jingdao Chen , Shahram Rahimi

Authors on Pith no claims yet

Pith reviewed 2026-05-10 16:37 UTC · model grok-4.3

classification 💻 cs.CR

keywords frameworkgovernanceidentificationdigitalidentitysustainableaccountabilityenterprises

0 comments

The pith

An integrated framework gives AI systems verifiable identities for sustainable enterprise governance.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper proposes a conceptual framework that combines model fingerprinting, cryptographic hashing, blockchain registration, zero-knowledge proofs, and structural change screening to identify and track AI systems. This infrastructure aims to ensure continuity, auditability, and policy oversight throughout the AI lifecycle in digital enterprises. A sympathetic reader would see this as a way to make AI deployment more accountable in critical infrastructure without constant full disclosure. The dual-layer design and use of LZJD for monitoring changes are key to making governance feasible at scale.

Core claim

The framework establishes an enforceable and transparent identity infrastructure for AI systems by integrating five components: model fingerprinting, cryptographic hashing, blockchain-based registration, ZKP-based proof of possession, and LZJD-based post-deployment screening. It uses a dual-layer identifier anchored in a tamper-resistant registry to enable lifecycle accountability and policy-aligned oversight.

What carries the argument

The dual-layer identifier, consisting of a machine-verifiable primary hash and a human-readable secondary identifier anchored in a blockchain registry, which supports selective verification and change monitoring via LZJD.

Load-bearing premise

The five technical components can be integrated into existing enterprise systems without prohibitive costs, performance losses, or new security vulnerabilities, and that LZJD will reliably indicate structural changes relevant to governance.

What would settle it

A deployment where an AI model undergoes significant structural changes that evade LZJD detection while violating policy, or where the framework integration introduces exploitable vulnerabilities.

Figures

Figures reproduced from arXiv: 2604.10473 by Di Kevin Gao, Jingdao Chen, Shahram Rahimi.

**Figure 1.** Figure 1: FSAO Digital Transformation Process. 1) Communication Phase: Organizations broadcast new AI projects, model updates, and lifecycle changes. AI IDs provide consistent metadata, enabling clear communication of model provenance, versioning, and intended risk categories. 2) Integration Phase: AI IDs become integrated into enterprise architecture guidelines, IT governance policies, data governance frameworks, a… view at source ↗

**Figure 2.** Figure 2: We propose a unique AI ID generated from model weights via both a machine-readable primary hash and human-readable product label, stored on a [PITH_FULL_IMAGE:figures/full_fig_p006_2.png] view at source ↗

**Figure 3.** Figure 3: Examples of Secondary Hash Structures. C. Optimal Storage Mechanisms for AI IDs To ensure authenticity, accountability, and traceability of AI systems, while preserving trade secrets, we recommend a blockchain-based AI identity system paired with a Zero-Knowledge Proof (ZKP) verification layer. This architecture ensures AI systems remain verifiable and compliant even as they operate autonomously in diverse… view at source ↗

**Figure 4.** Figure 4: End-to-end AI registration and validation process. [PITH_FULL_IMAGE:figures/full_fig_p010_4.png] view at source ↗

read the original abstract

As artificial intelligence (AI) systems grow more powerful, autonomous, and embedded in critical infrastructure, their identification and traceability become foundational to regulatory oversight and sustainable digital governance. In digitally transformed enterprises, long-term sustainability depends on transparent, accountable, and lifecycle-governed AI systems, all of which require verifiable identity. This study proposes a conceptual and architectural framework for AI identification, combining technical and governance mechanisms to support lifecycle accountability. The framework integrates five components: model fingerprinting, cryptographic hashing, blockchain-based registration, zero-knowledge proof (ZKP)-based proof of possession, and post-deployment structural change screening. We introduce a dual-layer identifier, consisting of a machine-verifiable primary hash and a human-readable secondary identifier, anchored in a tamper-resistant registry. Identity validation is supported by selective ZKP-based verification at governance-defined checkpoints, while post-deployment changes are monitored using Lempel--Ziv Jaccard Distance (LZJD) as a governance-oriented screening signal rather than a semantic performance metric. The framework establishes an enforceable and transparent identity infrastructure that enables continuity, auditability, and policy-aligned oversight across AI system lifecycles. By embedding AI identification within enterprise architecture and governance processes, the proposed approach supports sustainable innovation, strengthens institutional accountability, and provides a foundation for selective, policy-defined verification during digital transformation.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Desk Editor's Note private letter to a colleague

This is a descriptive proposal for an AI identification framework that combines existing techniques but supplies no evidence the pieces integrate without new costs or weaknesses.

read the letter

The paper's core contribution is a high-level architecture for tracking AI models across their lifecycle in enterprises. It suggests a dual-layer identifier (machine hash plus human-readable label), blockchain anchoring, selective zero-knowledge proofs for verification, and LZJD-based checks for post-deployment structural shifts. The authors frame this as supporting regulatory accountability and sustainable governance in critical systems.

Referee Report

2 major / 1 minor

Summary. The manuscript proposes a conceptual and architectural framework for AI identification in digital enterprises, integrating five components (model fingerprinting, cryptographic hashing, blockchain-based registration, ZKP-based proof of possession, and LZJD-based post-deployment structural screening) along with a dual-layer identifier (primary machine-verifiable hash plus secondary human-readable ID) to support lifecycle accountability, auditability, and policy-aligned oversight.

Significance. If the described integration proves feasible and secure in practice, the framework could offer a useful high-level blueprint for embedding verifiable identity mechanisms into enterprise AI governance processes, addressing growing regulatory needs for traceability. As presented, however, its significance is limited by the absence of any security analysis, implementation details, overhead measurements, or attack evaluations, leaving the enforceability claims as untested architectural assertions rather than demonstrated properties.

major comments (2)

[Abstract] Abstract: the assertion that the framework 'establishes an enforceable and transparent identity infrastructure' that enables continuity and policy-aligned oversight rests entirely on descriptive integration of the five components; no security analysis of the dual-layer identifier, no specification of LZJD computation on model artifacts, and no evaluation of ZKP soundness or blockchain overhead are provided, so the enforceability claim is unsupported.
[Framework components] Framework description: the dual-layer identifier is introduced without details on generation or tamper-resistant linkage of the secondary human-readable ID to the primary hash, and without discussion of attack surfaces such as registry poisoning or LZJD evasion via semantically equivalent model alterations; these omissions directly undermine the continuity and auditability claims.

minor comments (1)

The manuscript would benefit from a diagram or table summarizing the data flows and checkpoints among the five components to clarify their interactions.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for the constructive and detailed feedback. The comments correctly identify that our manuscript presents a conceptual architectural framework rather than an implemented and evaluated system. We address each major comment below and will incorporate revisions to better qualify our claims and expand the framework description while preserving the paper's focus as a high-level blueprint.

read point-by-point responses

Referee: [Abstract] Abstract: the assertion that the framework 'establishes an enforceable and transparent identity infrastructure' that enables continuity and policy-aligned oversight rests entirely on descriptive integration of the five components; no security analysis of the dual-layer identifier, no specification of LZJD computation on model artifacts, and no evaluation of ZKP soundness or blockchain overhead are provided, so the enforceability claim is unsupported.

Authors: We agree that the enforceability language in the abstract is too assertive for a purely conceptual proposal. The manuscript describes an integration of existing techniques (model fingerprinting, cryptographic hashing, blockchain registration, ZKPs, and LZJD screening) to outline a governance-oriented architecture, but does not include formal security analysis, LZJD specification details, ZKP soundness proofs, or performance evaluations. We will revise the abstract to replace 'establishes an enforceable' with 'provides a conceptual foundation for an enforceable' and add a new limitations subsection discussing the assumptions underlying each component, the absence of empirical validation, and the need for future security and overhead analyses. These changes will align the claims with the paper's scope. revision: yes
Referee: [Framework components] Framework description: the dual-layer identifier is introduced without details on generation or tamper-resistant linkage of the secondary human-readable ID to the primary hash, and without discussion of attack surfaces such as registry poisoning or LZJD evasion via semantically equivalent model alterations; these omissions directly undermine the continuity and auditability claims.

Authors: The referee accurately notes the lack of specifics on dual-layer identifier generation and linkage, as well as missing attack surface analysis. In the current text the primary identifier is a cryptographic hash of the model fingerprint, while the secondary human-readable ID is registered as an alias in the blockchain ledger to support human oversight. We will expand the framework components section to include: (1) a high-level description of secondary ID generation (e.g., a policy-defined label mapped to the hash via a signed registry transaction) and tamper-resistant linkage through blockchain immutability; (2) a discussion of attack surfaces, noting that registry poisoning is mitigated by distributed consensus mechanisms and that LZJD serves only as a structural screening signal (not a semantic equivalence detector), so semantically equivalent alterations would require complementary verification methods. These additions will strengthen the continuity and auditability discussion without overstating proven properties. revision: yes

Circularity Check

0 steps flagged

Descriptive architectural proposal exhibits no circularity

full rationale

The manuscript advances a conceptual framework by describing the integration of five named components (model fingerprinting, cryptographic hashing, blockchain registration, ZKP proofs, and LZJD screening) into a dual-layer identifier architecture. No equations, fitted parameters, or quantitative derivations appear; the central claim that this integration 'establishes' enforceable continuity and oversight is presented as a direct consequence of the proposed design rather than a reduction of any output to its own inputs by construction. No self-citations, uniqueness theorems, or ansatzes are invoked to justify load-bearing steps. The work remains self-contained as a high-level governance architecture whose validity rests on external implementation and evaluation rather than internal definitional closure.

Axiom & Free-Parameter Ledger

0 free parameters · 2 axioms · 1 invented entities

The framework rests on domain assumptions about the tamper-resistance of blockchain, the practicality of selective ZKP verification at scale, and the utility of LZJD as a change signal; no free parameters are fitted and no new entities with independent evidence are introduced.

axioms (2)

domain assumption Blockchain-based registration provides tamper-resistant anchoring of AI identities
Invoked when describing the registry as the foundation for continuity and auditability.
domain assumption LZJD distance serves as a reliable governance-oriented screening signal for post-deployment structural changes
Stated explicitly as the method for monitoring changes without being a performance metric.

invented entities (1)

dual-layer identifier (primary hash + secondary human-readable ID) no independent evidence
purpose: To provide both machine-verifiable and human-readable AI identity anchored in the registry
Newly defined construct within the framework; no independent evidence supplied.

pith-pipeline@v0.9.0 · 5531 in / 1623 out tokens · 34232 ms · 2026-05-10T16:37:25.561462+00:00 · methodology

discussion (0)

Reference graph

Works this paper leans on

31 extracted references · 9 canonical work pages

[1]

Capa- bilities of gpt-4 on medical challenge problems

H. Nori, N. King, S. M. McKinney, D. Carignan, and E. Horvitz, “Capabilities of GPT-4 on medical challenge problems,” arXiv preprint arXiv:2303.13375, 2023

work page arXiv 2023
[2]

Foundation models for generalist medical artificial intelligence,

M. Moor, O. Banerjee, Z. S. H. Abad, H. M. Krumholz, J. Leskovec, E. J. Topol, and P. Rajpurkar, “Foundation models for generalist medical artificial intelligence,” Nature, vol. 616, pp. 259–265, 2023

2023
[3]

Benefits, limits, and risks of GPT-4 as an AI chatbot for medicine,

P. Lee, S. Bubeck, and J. Petro, “Benefits, limits, and risks of GPT-4 as an AI chatbot for medicine,” N. Engl. J. Med., vol. 388, pp. 1233–1239, 2023. [4] N. Kolt, D. Hoffman, G. Hadfield, A. Yoon, M. Mitchell, R. Alexander, and J. Giorgi, “Predicting consumer contracts,” Berkeley Technol. Law J., vol. 37, p. 72, 2022

2023
[4]

Contracts in the age of smart readers,

Y . A. Arbel and S. I. Becher, “Contracts in the age of smart readers,” Georg. Wash. Law Rev., vol. 90, p. 83, 2022

2022
[5]

The medical and societal impact of big data analytics and artificial intelligence applications in combating pandemics: A review focused on COVID-19,

P. Galetsi, K. Katsaliaki, and S. Kumar, “The medical and societal impact of big data analytics and artificial intelligence applications in combating pandemics: A review focused on COVID-19,” Soc. Sci. Med., vol. 301, p. 114973, 2022

2022
[6]

The challenges and opportunities in creating an early warning system for global pandemics,

D. C. Danko, J. Golden, C. V . Orosmarty, A. Cak, F. Corsi, C. E. Mason, R. M. D. Freitas, D. Nagy-Szakal, and N. B. O’Hara, “The challenges and opportunities in creating an early warning system for global pandemics,” arXiv preprint arXiv:2302.00863, 2023

work page arXiv 2023
[7]

Compute trends across three eras of machine learning,

J. Sevilla, L. Heim, A. Ho, T. Besiroglu, M. Hobbhahn, and P. Villalobos, “Compute trends across three eras of machine learning,” in Proceedings of the International Joint Conference on Neural Networks, Padua, Italy, Jul. 2022

2022
[8]

The AI pentad, the CHARME2D model, and an assessment of current-state AI regulation,

D. K. Gao, S. Mittal, J. Wu, H. Du, J. Chen, and S. Rahimi, “The AI pentad, the CHARME2D model, and an assessment of current-state AI regulation,” in 2024 International Conference on Sustainable Technology and Engineering (i-COSTE), Perth, Australia, Dec. 2024, pp. 1–8

2024
[9]

Toward trustworthy ai development: mechanisms for supporting verifiable claims.arXiv preprint arXiv:2004.07213, 2020

M. Brundage, S. Avin, J. Wang, H. Belfield, G. Krueger, G. Hadfield, H. Khlaaf, J. Yang, H. Toner, R. Fong et al., “Toward trustworthy AI development: Mechanisms for supporting verifiable claims,” arXiv preprint arXiv:2004.07213, 2020

work page arXiv 2004
[10]

Seventh edition

N. Maslej, L. Fattorini, R. Perrault, V . Parli, A. Reuel, E. Brynjolfsson, J. Etchemendy, K. Ligett, T. Lyons, J. Manyika, J. C. Niebles, Y . Shoham, R. Wald, and J. Clark, “The AI index 2024 annual report,” arXiv preprint arXiv:2405.19522, 2024

work page arXiv 2024
[11]

A bibliometric analysis, critical issues, and key gaps,

D. K. Gao, A. Haverly, S. Mittal, J. Wu, and J. Chen, “A bibliometric analysis, critical issues, and key gaps,” Int. J. Bus. Anal., vol. 11, pp. 1–19, 2024. [13] European Parliament, “The EU AI act,” 2024, [Online]. Available: https://artificialintelligenceact.eu/the-act/

2024
[12]

Regulation on the administration of algorithmic recommendation services,

Cyberspace Administration of China (CAC) and MIIT, MPS, and SAMR, “Regulation on the administration of algorithmic recommendation services,” 2022, [Online]. Available: https://digichina.stanford.edu/work/translation-internet-information-service-algorithmic-recommendation-management-provisions-effective-march-1-2022

2022
[13]

Toward sustainable innovation: Digital transformation with AI strategy,

Y . Masuda, T. Sassano, and R. Jain, “Toward sustainable innovation: Digital transformation with AI strategy,” Procedia Comput. Sci., vol. 270, pp. 6177–6187, 2025

2025
[14]

Artificial intelligence risk management framework: Generative artificial intelligence profile,

National Institute of Standards and Technology, “Artificial intelligence risk management framework: Generative artificial intelligence profile,” National Institute of Standards and Technology, Gaithersburg, MD, USA, Tech. Rep., 2024

2024
[15]

Vera and Vaughan, Jennifer Wortman , year =

Q. V . Liao and J. W. Vaughan, “AI transparency in the age of LLMs: A human-centered research roadmap,” arXiv preprint arXiv:2306.01941, 2023. “

work page arXiv 2023
[16]

D. K. Gao, A. Haverly, S. Mittal, and J. Chen, A bibliometric view of AI ethics development,” in 2023 IEEE Asia-Pacific Conference on Computer Science and Data Engineering (CSDE), Nadi, Fiji, Dec. 2023, pp. 1–5

2023
[17]

Article 50: Transparency obligations for providers and deployers of certain AI systems,

EU AI Act, “Article 50: Transparency obligations for providers and deployers of certain AI systems,” 2024, [Online]. Available: https://artificialintelligenceact.eu/article/50/

2024
[18]

Companion chatbot transparency and safety act,

“Companion chatbot transparency and safety act,” Senate Bill No. 243, 2025–2026 Regular Session, State of California, Sacramento, CA, USA, 2025. [21] Department for Science, Innovation & Technology, “Trusted third-party AI assurance roadmap,” 2025, [Online]. Available: https://www.gov.uk/government/publications/trusted-third-party-ai-assurance-roadmap/tru...

2025
[19]

Transparency and accountability in AI systems: Safeguarding wellbeing in the age of algorithmic decision-making,

B. C. Cheong, “Transparency and accountability in AI systems: Safeguarding wellbeing in the age of algorithmic decision-making,” Front. Hum. Dyn., vol. 6, p. 1421273, 2024

2024
[20]

Adaptive enterprise architecture process for global companies in a digital IT era,

Y . Masuda, A. Zimmermann, M. Bass, O. Nakamura, S. Shirasaka, and S. Yamamoto, “Adaptive enterprise architecture process for global companies in a digital IT era,” Int. J. Enterp. Inf. Syst., vol. 17, pp. 21–43, 2021

2021
[21]

Masuda and M

Y . Masuda and M. Viswanathan, Enterprise Architecture for Global Companies in a Digital IT Era: Adaptive Integrated Digital Architecture Framework (AIDAF), 2nd ed. Singapore: Springer, 2025

2025
[22]

arXiv preprint arXiv:2302.08476 , year=

A. S. Luccioni and A. Hernandez-Garcia, “Counting carbon: A survey of factors influencing the emissions of machine learning,” arXiv preprint arXiv:2302.08476, 2023

work page arXiv 2023
[23]

Cybersecurity of AI and standardisation,

ENISA, “Cybersecurity of AI and standardisation,” 2023, [Online]. Available: https://www.enisa.europa.eu/publications/cybersecurity-of-ai-and-standardisation

2023
[24]

Floridi, The Ethics of Artificial Intelligence: Principles, Challenges, and Opportunities

L. Floridi, The Ethics of Artificial Intelligence: Principles, Challenges, and Opportunities. Oxford, UK: OUP, 2023

2023
[25]

Paris, France: OECD, 2022

OECD, OECD Framework for the Classification of AI Systems. Paris, France: OECD, 2022

2022
[26]

ISO/IEC 42001: Information Technology—Artificial Intelligence—Management System, International Organization for Standardization Std., 2023

2023
[27]

IDs for AI systems,

A. Chan, N. Kolt, P. Wills, U. Anwar, C. S. D. Witt, N. Rajkumar, L. Hammond, D. Krueger, L. Heim, and M. Anderljung, “IDs for AI systems,” arXiv preprint arXiv:2406.12137, 2024

work page arXiv 2024
[28]

Invisible traces: Using hybrid fingerprinting to identify underlying LLMs in GenAI apps,

D. Bhardwaj and N. Mishra, “Invisible traces: Using hybrid fingerprinting to identify underlying LLMs in GenAI apps,” arXiv preprint arXiv:2501.18712, 2025

work page arXiv 2025
[29]

Proactive AI policy,

N. Pasquini, “Proactive AI policy,” 2025, [Online]. Available: https://www.harvardmagazine.com/2024/05/ai-policy-regulation-harvard-business-school

2025
[30]

A fingerprint for large language models,

Z. Yang and H. Wu, “A fingerprint for large language models,” arXiv preprint arXiv:2407.01235, 2024

work page arXiv 2024
[31]

Lempel-ziv jaccard distance, an effective alternative to ssdeep and sdhash,

E. Raff and C. Nicholas, “Lempel-ziv jaccard distance, an effective alternative to ssdeep and sdhash,” Digit. Investig., vol. 24, pp. 34–49, 2018

2018