Intent-Based Access Control: Using LLMs to Intelligently Manage Access Control
- URL: http://arxiv.org/abs/2402.07332v1
- Date: Sun, 11 Feb 2024 23:50:12 GMT
- Title: Intent-Based Access Control: Using LLMs to Intelligently Manage Access Control
- Authors: Pranav Subramaniam, Sanjay Krishnan,
- Abstract summary: This paper introduces a new paradigm for access control called Intent-Based Access Control for Databases (IBAC-DB)
In IBAC-DB, access control policies are expressed more precisely using a novel format, the natural language access control matrix (NLACM)
- Score: 6.2859996652179
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: In every enterprise database, administrators must define an access control policy that specifies which users have access to which assets. Access control straddles two worlds: policy (organization-level principles that define who should have access) and process (database-level primitives that actually implement the policy). Assessing and enforcing process compliance with a policy is a manual and ad-hoc task. This paper introduces a new paradigm for access control called Intent-Based Access Control for Databases (IBAC-DB). In IBAC-DB, access control policies are expressed more precisely using a novel format, the natural language access control matrix (NLACM). Database access control primitives are synthesized automatically from these NLACMs. These primitives can be used to generate new DB configurations and/or evaluate existing ones. This paper presents a reference architecture for an IBAC-DB interface, an initial implementation for PostgreSQL (which we call LLM4AC), and initial benchmarks that evaluate the accuracy and scope of such a system. We find that our chosen implementation, LLM4AC, vastly outperforms other baselines, achieving near-perfect F1 scores on our initial benchmarks.
Related papers
- Comparison of Access Control Approaches for Graph-Structured Data [0.0]
Graph-structured data requires advanced, flexible, and fine-grained access control due to its complex structure.
Several research works focus on protecting property graph-structured data, enforcing fine-grained access control, and proving the feasibility and applicability of their concept.
We select works from our systematic literature review on authorization and access control for different database models in addition to recent ones.
arXiv Detail & Related papers (2024-05-31T12:31:05Z) - Towards Modular LLMs by Building and Reusing a Library of LoRAs [64.43376695346538]
We study how to best build a library of adapters given multi-task data.
We introduce model-based clustering, MBC, a method that groups tasks based on the similarity of their adapter parameters.
To re-use the library, we present a novel zero-shot routing mechanism, Arrow, which enables dynamic selection of the most relevant adapters.
arXiv Detail & Related papers (2024-05-18T03:02:23Z) - From LLMs to Actions: Latent Codes as Bridges in Hierarchical Robot Control [58.72492647570062]
We introduce our method -- Learnable Latent Codes as Bridges (LCB) -- as an alternate architecture to overcome limitations.
We find that methodoutperforms baselines that leverage pure language as the interface layer on tasks that require reasoning and multi-step behaviors.
arXiv Detail & Related papers (2024-05-08T04:14:06Z) - TableLLM: Enabling Tabular Data Manipulation by LLMs in Real Office Usage Scenarios [52.73289223176475]
TableLLM is a robust large language model (LLM) with 13 billion parameters.
TableLLM is purpose-built for proficiently handling data manipulation tasks.
We have released the model checkpoint, source code, benchmarks, and a web application for user interaction.
arXiv Detail & Related papers (2024-03-28T11:21:12Z) - Sparsity-Aware Intelligent Massive Random Access Control in Open RAN: A
Reinforcement Learning Based Approach [61.74489383629319]
Massive random access of devices in the emerging Open Radio Access Network (O-RAN) brings great challenge to the access control and management.
reinforcement-learning (RL)-assisted scheme of closed-loop access control is proposed to preserve sparsity of access requests.
Deep-RL-assisted SAUD is proposed to resolve highly complex environments with continuous and high-dimensional state and action spaces.
arXiv Detail & Related papers (2023-03-05T12:25:49Z) - Actor-Critic based Improper Reinforcement Learning [61.430513757337486]
We consider an improper reinforcement learning setting where a learner is given $M$ base controllers for an unknown Markov decision process.
We propose two algorithms: (1) a Policy Gradient-based approach; and (2) an algorithm that can switch between a simple Actor-Critic scheme and a Natural Actor-Critic scheme.
arXiv Detail & Related papers (2022-07-19T05:55:02Z) - Toward Deep Learning Based Access Control [3.2511618464944547]
This paper proposes Deep Learning Based Access Control (DLBAC) by leveraging significant advances in deep learning technology.
DLBAC could complement and, in the long-term, has the potential to even replace, classical access control models with a neural network.
We demonstrate the feasibility of the proposed approach by addressing issues related to accuracy, generalization, and explainability.
arXiv Detail & Related papers (2022-03-28T22:05:11Z) - Policy Search for Model Predictive Control with Application to Agile
Drone Flight [56.24908013905407]
We propose a policy-search-for-model-predictive-control framework for MPC.
Specifically, we formulate the MPC as a parameterized controller, where the hard-to-optimize decision variables are represented as high-level policies.
Experiments show that our controller achieves robust and real-time control performance in both simulation and the real world.
arXiv Detail & Related papers (2021-12-07T17:39:24Z) - Adaptive ABAC Policy Learning: A Reinforcement Learning Approach [2.5997274006052544]
We propose an adaptive ABAC policy learning approach to automate the authorization management task.
In particular, we propose a contextual bandit system, in which an authorization engine adapts an ABAC model through a feedback control loop.
We focus on developing an adaptive ABAC policy learning model for a home IoT environment as a running example.
arXiv Detail & Related papers (2021-05-18T15:18:02Z) - Learning Attribute-Based and Relationship-Based Access Control Policies
with Unknown Values [0.6662800021628273]
This paper presents the first algorithms for mining ABAC and ReBAC policies from access control lists (ACLs) and incomplete information about entities.
We show that the core of this problem can be viewed as learning a concise three-valued logic formula from a set of labeled feature vectors containing unknowns.
arXiv Detail & Related papers (2020-08-19T13:56:29Z) - An Automatic Attribute Based Access Control Policy Extraction from
Access Logs [5.142415132534397]
An attribute-based access control (ABAC) model provides a more flexible approach for addressing the authorization needs of complex and dynamic systems.
We present a methodology for automatically learning ABAC policy rules from access logs of a system to simplify the policy development process.
arXiv Detail & Related papers (2020-03-16T15:08:54Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.