Mon Mar 11 08:00:00 CDT 2024

This is an announcement of Pranav Subramaniam's Candidacy Exam.
Candidate: Pranav Subramaniam

Date: Monday, March 11, 2024

Time: 11 am CST

Location: JCL 298

Remote Location: https://uchicago.zoom.us/j/95669507805?pwd=Zzc1dXNWWTUzWExvTExDVnE3dzlLdz09

Title: Intent-Based Access Control for Databases: Using LLMs to Intelligently Manage Access Control

Abstract: In every enterprise database, administrators must define an access control policy that specifies which users have access to which assets. Access control straddles two worlds: policy (organization-level principles that define who should have access) and process (database-level primitives that actually implement the policy). Assessing and enforcing process compliance with a policy is a manual and ad-hoc task. This paper introduces a new paradigm for access control called Intent-Based Access Control for Databases (IBAC-DB). In IBAC-DB, access control policies are expressed more precisely using a novel format, the natural language access control matrix (NLACM). Database access control primitives are synthesized automatically from these NLACMs. These primitives can be used to generate new DB configurations and/or evaluate existing ones. This paper presents a reference architecture for an IBAC-DB interface, an initial implementation for PostgreSQL (which we call LLM4AC), and initial benchmarks that evaluate the accuracy and scope of such a system. We find that our chosen implementation, LLM4AC, vastly outperforms other baselines, achieving near-perfect F1 scores on our initial benchmarks.

Advisors: Sanjay Krishnan

Committee Members: Michael Franklin, Sanjay Krishnan, and Grant Ho
