Published: January 16, 2025
Author(s)
Sherifdeen Lawal (UTSA), Xingmeng Zhao (UTSA), Anthony Rios (UTSA), Ram Krishnan (UTSA), David Ferraiolo (NIST)
Conference
Name: The 6th IEEE Intl Conference on Trust, Privacy and Security in Intelligent Systems, and Application
Dates: 10/28/2024 - 10/31/2024
Location: Washington, DC
Citation: 2024 IEEE 6th International Conference on Trust, Privacy and Security in Intelligent Systems, and Applications (TPS-ISA), pp. 361-370
This paper investigates the application of large language models (LLMs) for the automated translation and information extraction of access control policies from a natural language source. Prior research in this domain have predominantly relied on manual methods, traditional natural language processing (NLP), or a hybrid approach involving machine learning and artificial neural networks combined with NLP techniques. We demonstrate a significant advancement by leveraging the power of LLMs to achieve improved efficiency and accuracy in these tasks. Our study focuses on applying cutting-edge prompt engineering techniques designed to optimize LLM performance in the specific context of access control policy information extraction. The findings highlight the potential of LLMs to streamline the process of converting human-readable requirements into formal, machine-interpretable policies, ultimately contributing to the automation and security of access control systems.
This paper investigates the application of large language models (LLMs) for the automated translation and information extraction of access control policies from a natural language source. Prior research in this domain have predominantly relied on manual methods, traditional natural language...
See full abstract
This paper investigates the application of large language models (LLMs) for the automated translation and information extraction of access control policies from a natural language source. Prior research in this domain have predominantly relied on manual methods, traditional natural language processing (NLP), or a hybrid approach involving machine learning and artificial neural networks combined with NLP techniques. We demonstrate a significant advancement by leveraging the power of LLMs to achieve improved efficiency and accuracy in these tasks. Our study focuses on applying cutting-edge prompt engineering techniques designed to optimize LLM performance in the specific context of access control policy information extraction. The findings highlight the potential of LLMs to streamline the process of converting human-readable requirements into formal, machine-interpretable policies, ultimately contributing to the automation and security of access control systems.
Hide full abstract
Keywords
Natural Language Specification; Access Control Policies; Large Language Models (LLMs); Prompt Engineering; Attribute-Based Access Control (ABAC)
Control Families
None selected
