ARBITER: AI-Driven Filtering for Role-Based Access Control
- URL: http://arxiv.org/abs/2512.20535v1
- Date: Tue, 23 Dec 2025 17:25:51 GMT
- Title: ARBITER: AI-Driven Filtering for Role-Based Access Control
- Authors: Michele Lorenzo, Idilio Drago, Dario Salvadori, Fabio Romolo Vayr,
- Abstract summary: our implements layered input/output validation, role-aware retrieval, and post-generation fact-checking.<n>We evaluate the approach on 389 queries using a synthetic dataset.<n>Results suggest that practical RBAC deployment on RAG systems is approaching the maturity level needed for dynamic enterprise environments.
- Score: 0.2519906683279152
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Role-Based Access Control (RBAC) struggles to adapt to dynamic enterprise environments with documents that contain information that cannot be disclosed to specific user groups. As these documents are used by LLM-driven systems (e.g., in RAG) the problem is exacerbated as LLMs can leak sensitive data due to prompt truncation, classification errors, or loss of system context. We introduce \our, a system designed to provide RBAC in RAG systems. \our implements layered input/output validation, role-aware retrieval, and post-generation fact-checking. Unlike traditional RBAC approaches that rely on fine-tuned classifiers, \our uses LLMs operating in few-shot settings with prompt-based steering for rapid deployment and role updates. We evaluate the approach on 389 queries using a synthetic dataset. Experimental results show 85\% accuracy and 89\% F1-score in query filtering, close to traditional RBAC solutions. Results suggest that practical RBAC deployment on RAG systems is approaching the maturity level needed for dynamic enterprise environments.
Related papers
- Query Suggestion for Retrieval-Augmented Generation via Dynamic In-Context Learning [42.850404278428954]
We introduce robust dynamic few-shot learning which retrieves examples from relevant user queries.<n>We show that our system can be self-learned, for instance on prior user queries, and is therefore easily applicable in practice.
arXiv Detail & Related papers (2026-01-13T00:56:38Z) - Classifying and Addressing the Diversity of Errors in Retrieval-Augmented Generation Systems [10.899541303791928]
Retrieval-augmented generation (RAG) is a prevalent approach for building question-answering systems.<n>Due to the complexity of real-world RAG systems, there are many potential causes for erroneous outputs.<n>We present a new taxonomy of the error types that can occur in realistic RAG systems, examples of each, and practical advice for addressing them.
arXiv Detail & Related papers (2025-10-15T18:02:30Z) - Evaluating Retrieval-Augmented Generation Systems on Unanswerable, Uncheatable, Realistic, Multi-hop Queries [53.99620546358492]
Real-world use cases often present RAG systems with complex queries for which relevant information is missing from the corpus or is incomplete.<n>Existing RAG benchmarks rarely reflect realistic task complexity for multi-hop or out-of-scope questions.<n>We present the first pipeline for automatic, difficulty-controlled creation of un$underlinec$heatable, $underliner$ealistic, $underlineu$nanswerable, and $underlinem$ulti-hop.
arXiv Detail & Related papers (2025-10-13T21:38:04Z) - Role-Conditioned Refusals: Evaluating Access Control Reasoning in Large Language Models [9.010745644432221]
We study role-conditioned refusals, focusing on the LLM's ability to adhere to access control policies by answering when authorized and refusing when not.<n>To evaluate this behavior, we created a novel dataset that extends the Spider and BIRD text-to-shot datasets.
arXiv Detail & Related papers (2025-10-09T00:28:59Z) - DeepSieve: Information Sieving via LLM-as-a-Knowledge-Router [57.28685457991806]
DeepSieve is an agentic RAG framework that incorporates information sieving via LLM-as-a-knowledge-router.<n>Our design emphasizes modularity, transparency, and adaptability, leveraging recent advances in agentic system design.
arXiv Detail & Related papers (2025-07-29T17:55:23Z) - LTRR: Learning To Rank Retrievers for LLMs [53.285436927963865]
We show that routing-based RAG systems can outperform the best single-retriever-based systems.<n>Performance gains are especially pronounced in models trained with the Answer Correctness (AC) metric.<n>As part of the SIGIR 2025 LiveRAG challenge, our submitted system demonstrated the practical viability of our approach.
arXiv Detail & Related papers (2025-06-16T17:53:18Z) - QE-RAG: A Robust Retrieval-Augmented Generation Benchmark for Query Entry Errors [23.225358970952197]
Retriever-augmented generation (RAG) has become a widely adopted approach for enhancing the factual accuracy of large language models (LLMs)<n>QE-RAG is the first robust RAG benchmark designed specifically to evaluate performance against query entry errors.<n>We propose a contrastive learning-based robust retriever training method and a retrieval-augmented query correction method.
arXiv Detail & Related papers (2025-04-05T05:24:08Z) - Fast or Better? Balancing Accuracy and Cost in Retrieval-Augmented Generation with Flexible User Control [52.405085773954596]
Retrieval-Augmented Generation has emerged as a powerful approach to mitigate large language model hallucinations.<n>Existing RAG frameworks often apply retrieval indiscriminately,leading to inefficiencies-over-retrieving.<n>We introduce a novel user-controllable RAG framework that enables dynamic adjustment of the accuracy-cost trade-off.
arXiv Detail & Related papers (2025-02-17T18:56:20Z) - ChunkRAG: Novel LLM-Chunk Filtering Method for RAG Systems [2.8692611791027893]
Retrieval-Augmented Generation (RAG) systems generate inaccurate responses due to the retrieval of irrelevant or loosely related information.<n>We propose ChunkRAG, a framework that enhances RAG systems by evaluating and filtering retrieved information at the chunk level.
arXiv Detail & Related papers (2024-10-25T14:07:53Z) - RAGEval: Scenario Specific RAG Evaluation Dataset Generation Framework [66.93260816493553]
This paper introduces RAGEval, a framework designed to assess RAG systems across diverse scenarios.<n>With a focus on factual accuracy, we propose three novel metrics: Completeness, Hallucination, and Irrelevance.<n> Experimental results show that RAGEval outperforms zero-shot and one-shot methods in terms of clarity, safety, conformity, and richness of generated samples.
arXiv Detail & Related papers (2024-08-02T13:35:11Z) - Get my drift? Catching LLM Task Drift with Activation Deltas [55.75645403965326]
Task drift allows attackers to exfiltrate data or influence the LLM's output for other users.<n>We show that a simple linear classifier can detect drift with near-perfect ROC AUC on an out-of-distribution test set.<n>We observe that this approach generalizes surprisingly well to unseen task domains, such as prompt injections, jailbreaks, and malicious instructions.
arXiv Detail & Related papers (2024-06-02T16:53:21Z) - Offline RL with No OOD Actions: In-Sample Learning via Implicit Value
Regularization [90.9780151608281]
In-sample learning (IQL) improves the policy by quantile regression using only data samples.
We make a key finding that the in-sample learning paradigm arises under the textitImplicit Value Regularization (IVR) framework.
We propose two practical algorithms, Sparse $Q$-learning (EQL) and Exponential $Q$-learning (EQL), which adopt the same value regularization used in existing works.
arXiv Detail & Related papers (2023-03-28T08:30:01Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.