DePLOI: Applying NL2SQL to Synthesize and Audit Database Access Control
Pranav Subramaniam, Sanjay Krishnan
TL;DR
The paper tackles the challenge of automatically synthesizing and auditing database access-control implementations from natural-language policies. It introduces IBAC-DB, an intent-based model represented by NLACM, TACM, and RHL, and presents DePLOI, an LLM-driven system that decomposes synthesis and auditing into role-mapping, view-creation, and privilege-generation steps, aided by least-to-most prompting. To evaluate the approach, the authors propose IBACBench, a benchmark that blends NL2SQL baselines, real-world role hierarchies, and policy data to measure synthesis accuracy and auditing F1 across diverse settings. Experimental results show that DePLOI achieves high synthesis accuracy and auditing F1, outperforming other prompting strategies and adapting to multiple LLMs, backends, and policy/schema representations. The work highlights the practical impact of automated, traceable deployment of database access control in enterprise settings, enabling scalable policy compliance and faster remediation of misconfigurations.
Abstract
In every enterprise database, administrators must define an access control policy that specifies which users have access to which tables. Access control straddles two worlds: policy (organization-level principles that define who should have access) and process (database-level primitives that actually implement the policy). Assessing and enforcing process compliance with a policy is a manual and ad-hoc task. This paper introduces a new access control model called Intent-Based Access Control for Databases (IBAC-DB). In IBAC-DB, access control policies are expressed using abstractions that scale to high numbers of database objects, and are traceable with respect to implementations. This paper proposes DePLOI (Deployment Policy Linter for Organization Intents), an LLM-backed system leveraging access control-specific task decompositions to accurately synthesize and audit access control implementations from IBAC-DB abstractions. As DePLOI is the first system of its kind to our knowledge, this paper further proposes IBACBench, the first benchmark for evaluating the synthesis and auditing capabilities of DePLOI. IBACBench leverages a combination of current NL2SQL benchmarks, real-world role hierarchies and access control policies, and LLM-generated data. We find that DePLOI achieves high synthesis accuracies and auditing F1 scores overall, and greatly outperforms other LLM prompting strategies (e.g., by 10 F1 points).
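To make the synthesis and auditing steps named in the TL;DR and abstract concrete, here is an added example that is not code from the paper or from DePLOI: it assumes the role hierarchy and table-level policy are available as plain Python dicts (the paper's NLACM/TACM/RHL formats are not shown here), expands inherited privileges, emits GRANT statements, and audits a deployed set of grants by reporting missing and extra statements together with the F1 score the benchmark measures. The role hierarchy, policy and deployed grants are constructed sample data.

```python
# Constructed sample inputs (assumed formats, not the paper's NLACM/TACM/RHL).
ROLE_HIERARCHY = {"analyst": "employee", "dba": "analyst"}  # child -> parent role
TABLE_ACM = {  # role -> table -> privileges the policy grants directly
    "employee": {"public_docs": {"SELECT"}},
    "analyst": {"orders": {"SELECT"}, "customers": {"SELECT"}},
    "dba": {"orders": {"INSERT", "UPDATE", "DELETE"}},
}


def lineage(role, hierarchy):
    """Return the role followed by every role it inherits from, walking upward."""
    chain = [role]
    while chain[-1] in hierarchy:
        chain.append(hierarchy[chain[-1]])
    return chain


def synthesize_grants(acm, hierarchy):
    """Privilege generation: expand inherited privileges and emit one GRANT per
    (privilege, table, role) triple, sorted so the output is deterministic."""
    grants = set()
    for role in set(acm) | set(hierarchy):
        for ancestor in lineage(role, hierarchy):
            for table, privs in acm.get(ancestor, {}).items():
                for priv in privs:
                    grants.add(f"GRANT {priv} ON {table} TO {role};")
    return sorted(grants)


def audit(policy_grants, deployed_grants):
    """Auditing: compare what is deployed against what the policy requires.
    'missing' = required but absent (policy gap); 'extra' = deployed but not
    required (over-privilege). F1 treats policy grants as ground truth."""
    want, have = set(policy_grants), set(deployed_grants)
    true_pos = len(want & have)
    precision = true_pos / len(have) if have else 0.0
    recall = true_pos / len(want) if want else 0.0
    f1 = 2 * precision * recall / (precision + recall) if true_pos else 0.0
    return {"missing": sorted(want - have), "extra": sorted(have - want),
            "f1": round(f1, 3)}


if __name__ == "__main__":
    expected = synthesize_grants(TABLE_ACM, ROLE_HIERARCHY)
    # Constructed drift: one required grant dropped, one unauthorized grant added.
    deployed = [g for g in expected if g != "GRANT SELECT ON customers TO analyst;"]
    deployed.append("GRANT DELETE ON customers TO analyst;")
    print(audit(expected, deployed))
```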
