LLMAC: A Global and Explainable Access Control Framework with Large Language Model

TL;DR

This paper presents LLMAC, a novel unified access control framework leveraging Large Language Models to handle complex, dynamic security policies with high accuracy and explainability, surpassing traditional methods.

Contribution

Introduction of LLMAC, a comprehensive access control system using LLMs to unify and explain multiple traditional access control models.

Findings

Achieved 98.5% accuracy on synthetic datasets.

Outperformed traditional access control methods significantly.

Provided human-readable explanations for decisions.

Abstract

Today's business organizations need access control systems that can handle complex, changing security requirements that go beyond what traditional methods can manage. Current approaches, such as Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC), and Discretionary Access Control (DAC), were designed for specific purposes. They cannot effectively manage the dynamic, situation-dependent workflows that modern systems require. In this research, we introduce LLMAC, a new unified approach using Large Language Models (LLMs) to combine these different access control methods into one comprehensive, understandable system. We used an extensive synthetic dataset that represents complex real-world scenarios, including policies for ownership verification, version management, workflow processes, and dynamic role separation. Using Mistral 7B, our trained LLM model achieved outstanding results with 98.5% accuracy, significantly outperforming traditional methods (RBAC: 14.5%, ABAC: 58.5%, DAC: 27.5%) while providing clear, human readable explanations for each decision. Performance testing shows that the system can be practically deployed with reasonable response times and computing resources.