Abstract

In every enterprise database, administrators must define an access control policy that specifies which users have access to which tables. Access control straddles two worlds: policy (organization-level principles that define who should have access) and process (database-level operations that actually implement the policy). Assessing and enforcing process compliance with a policy is currently a manual and ad-hoc task. In this thesis, I show that LLMs can be used to generate DB access control implementations from policy documents effectively. To achieve this, this thesis first proposes a novel policy linting usage model for access control involving not only synthesis of access control implementations from policy documents, but auditing of implementations against policy documents for effective debugging of database access control. To perform synthesis and auditing accurately, this thesis then proposes DePLOI (Deployment Policy Linter for Organization Intents), an LLM-backed system leveraging access control-specific task decompositions to accurately synthesize and audit access control implementation. DePLOI leverages novel access control-specific task decompositions, prompting strategies, and a novel access control model that serves as an input policy representation for DePLOI, which I call Intent-Based Access Control for Databases (IBAC-DB). Lastly, while access control policy can be expressed using IBAC-DB, I recognize that organizations will still need to write security policy documents. Therefore, to make DePLOI end-to-end, this thesis shows that as long as text related to access control is roughly structured in a policy document, it is possible to create an accurate ACM Extraction Agent via an agentic training workflow. This output ACM can then be given to DePLOI to synthesize and audit access control implementations.
