LLM Access Shield: Domain-Specific LLM Framework for Privacy Policy Compliance

TL;DR

This paper presents LLM Access Shield, a framework that enforces privacy policies, dynamically adapts to security needs, and anonymizes sensitive data to ensure privacy compliance in domain-specific LLM applications.

Contribution

It introduces a novel security framework with policy enforcement, real-time customization, and data anonymization techniques for privacy-preserving LLM deployment.

Findings

Effective mitigation of security risks in LLM interactions

Maintains functional accuracy while enforcing privacy policies

Demonstrates adaptability to evolving security requirements

Abstract

Large language models (LLMs) are increasingly applied in fields such as finance, education, and governance due to their ability to generate human-like text and adapt to specialized tasks. However, their widespread adoption raises critical concerns about data privacy and security, including the risk of sensitive data exposure. In this paper, we propose a security framework to enforce policy compliance and mitigate risks in LLM interactions. Our approach introduces three key innovations: (i) LLM-based policy enforcement: a customizable mechanism that enhances domain-specific detection of sensitive data. (ii) Dynamic policy customization: real-time policy adaptation and enforcement during user-LLM interactions to ensure compliance with evolving security requirements. (iii) Sensitive data anonymization: a format-preserving encryption technique that protects sensitive information while maintaining contextual integrity. Experimental results demonstrate that our framework effectively mitigates security risks while preserving the functional accuracy of LLM-driven tasks.