Lasso Security Establishes New Standards for LLM Safety Through Innovative Context-Based Access Controls

To effectively scale large language models (LLMs) within long-term AI initiatives, enterprises are increasingly adopting retrieval augmented generation (RAG) frameworks. However, this shift necessitates robust contextual security to address the growing demands for integration.

Securing RAGs Requires Contextual Intelligence

Conventional RAG access control methods fall short in providing the necessary contextual oversight. Since RAG lacks built-in access control, it presents a notable security risk by potentially allowing unauthorized access to sensitive information.

Limitations of Traditional Access Controls

Role-Based Access Control (RBAC) is too rigid to adapt to dynamic contextual requests, while Attribute-Based Access Control (ABAC) struggles with scalability and incurs higher maintenance costs. There is a clear need for a more sophisticated approach that enhances protection without sacrificing performance.

Introducing Context-Based Access Control (CBAC)

Recognizing these gaps, Lasso Security developed Context-Based Access Control (CBAC) to elevate contextual access management. CBAC dynamically assesses the context of all access requests to LLMs, including evaluating access, response, interaction, behavioral, and data modification requests. This comprehensive approach ensures robust security, preventing unauthorized access and upholding high standards within LLM and RAG frameworks.

Ophir Dror, co-founder and CPO at Lasso Security, emphasized, “Traditional methods focus on static criteria, fail to manage context effectively, and can leave organizations vulnerable.” CBAC addresses these shortcomings by ensuring that only authorized users can access specific information, thus protecting sensitive data from being disclosed inappropriately by chatbots.

What is Retrieval-Augmented Generation (RAG)?

In 2020, researchers from Facebook AI Research, University College London, and New York University published a foundational paper on RAG, defining it as a method that combines pre-trained models with a non-parametric memory system. By enabling more effective processing of enterprise data, RAG significantly enhances the capabilities of LLMs.

Gartner explains that RAG addresses the limitations of conventional LLMs, allowing for the integration of relevant enterprise information. The accompanying graphic illustrates how RAG operates.

Designing CBAC for RAG Integration

Dror shared that CBAC is designed for flexibility, functioning as a standalone solution or seamlessly integrating with existing systems such as Active Directory. This versatility streamlines its adoption without necessitating major changes to current LLM infrastructures.

While capable of operating independently, CBAC also integrates within Lasso Security's generative AI security suite. This ensures comprehensive protection for employee interactions with AI-based chatbots, applications, and models. Lasso Security continuously monitors data transfers and quickly identifies anomalies or policy violations, ensuring a secure, compliant environment.

Dror elaborated that CBAC constantly evaluates various contextual indicators to enforce access control policies, thereby allowing only authorized personnel to access sensitive information—even in documents containing both confidential and publicly relevant data.

Addressing Security Challenges

Dror noted that organizations implementing RAG often face critical questions concerning access permissions. As the adoption of RAG rises, the limitations of LLMs—such as hallucinations and difficulties with data training—intensify the urgency to resolve permissions issues. CBAC was developed to tackle these challenges by providing the necessary contextual insights to enable dynamic access control strategies.

As RAG becomes pivotal to organizational LLM and AI strategies, contextual intelligence will be essential for fostering secure and scalable solutions without compromising performance.

Most people like

Find AI tools in YBX