Lasso Security, a Generative AI security company, announces a new approach to access control for GenAI users. Context-Based Access Control (CBAC) from Lasso Security allows enterprise security professionals to address access control and data leak prevention in GenAI solutions with a few simple prompts.
Retrieval-Augmented Generation (RAG) is a technique that enhances the capabilities of LLMs by integrating them with external data sources. This approach retrieves relevant documents to provide additional context, significantly improving the accuracy and relevance of LLM outputs without the need for retraining. However, RAG’s lack of native access control poses a significant security risk to enterprises, as it could allow unauthorized users to access sensitive information.
Current access control methods like Role-Based Access Control (RBAC) and Attribute-Based Access Control enhance security by restricting access based on roles, permissions or attributes. However, in the world of RAG, these methods often lead to increased system complexity, data duplication and slower query performance. They also require meticulous implementation and ongoing maintenance, making them challenging to scale and manage effectively.
To address this issue, Lasso Security developed and introduced CBAC, which focuses on the context of both requests and responses. CBAC ensures that only authorized users access specific information, preventing unauthorized exposure, and it handles documents that mix relevant and out-of-scope information. This approach offers organizations a higher level of security and control, managing data access in a context-aware and efficient manner.
With CBAC, users can:
- Precisely Manage Access: Ensure that only authorized users can access specific pieces of information based on the context of their request.
- Prevent Unauthorized Information Exposure: Block sensitive information from being retrieved and displayed to users who shouldn’t see it, even if they have broader permissions.
- Handle Nuanced Data: Manage documents that contain both relevant and out-of-scope information by evaluating the context of each request.
This new access control and data leak prevention feature is integrated into Lasso Security’s GenAI security suite, which protects employees’ use of GenAI-based chatbots, applications, agents and code assistants, as well as models integrated into production environments. Regardless of how you deploy LLMs, Lasso Security monitors every interaction involving data transfer to or from the LLM. It also swiftly identifies any anomalies or violations of organizational policies, ensuring a secure and compliant environment at all times.
In the attached images, Lasso Security demonstrates how CBAC is implemented within a company using free-form text to enforce access control and security policies. As seen, a member of a finance team interacting with a GenAI tool is blocked from accessing information not related to their department. In contrast, an R&D person asking the same questions to the same GenAI tool is allowed access to the information.
“CBAC is a game-changer in the world of context-aware data security. By focusing on the knowledge level and not patterns or attributes, CBAC ensures that only the right information reaches the right users, providing a level of precision and security that traditional methods can’t match,” noted Ophir Dror, CPO & Co-Founder of Lasso Security. “This innovative approach allows organizations to harness the full power of RAG while maintaining stringent access controls, truly revolutionizing how we manage and protect data.”