Trustworthy AI: Securing Sensitive Data in Large Language Models
Georgios Feretzakis, Vassilios S. Verykios
TL;DR
Sensitive data leakage in LLMs poses regulatory and privacy risks in domains such as healthcare, finance, and law. We propose a trust-centered framework that embeds User Trust Profiling, Information Sensitivity Detection, and Adaptive Output Control to govern disclosures based on user trust levels. The approach combines RBAC/ABAC-based profiling, NER-driven sensitivity detection, contextual analysis, and privacy-preserving techniques like Differential Privacy to balance data utility with privacy. The framework aims for scalable deployment across high-risk domains, with future work validating effectiveness and efficiency through domain-specific testing.
Abstract
Large Language Models (LLMs) have transformed natural language processing (NLP) by enabling robust text generation and understanding. However, their deployment in sensitive domains like healthcare, finance, and legal services raises critical concerns about privacy and data security. This paper proposes a comprehensive framework for embedding trust mechanisms into LLMs to dynamically control the disclosure of sensitive information. The framework integrates three core components: User Trust Profiling, Information Sensitivity Detection, and Adaptive Output Control. By leveraging techniques such as Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC), Named Entity Recognition (NER), contextual analysis, and privacy-preserving methods like differential privacy, the system ensures that sensitive information is disclosed appropriately based on the user's trust level. By focusing on balancing data utility and privacy, the proposed solution offers a novel approach to securely deploying LLMs in high-risk environments. Future work will focus on testing this framework across various domains to evaluate its effectiveness in managing sensitive data while maintaining system efficiency.
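To make the three components concrete, here is an added illustration (not the paper's own code) of how trust-gated disclosure could be wired together: a regex stand-in for NER-driven sensitivity detection, a trust profile that combines an RBAC role baseline with an ABAC attribute adjustment, and an adaptive output stage that reveals or redacts each detected entity against a per-type minimum trust level. The entity types, roles, trust levels and the sample record are all constructed for the example.

```python
import re
from dataclasses import dataclass, field

# Information Sensitivity Detection: a constructed regex stand-in for an NER model.
PATTERNS = {
    "SSN": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "EMAIL": re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.]+\b"),
    "DIAGNOSIS": re.compile(r"\b(diabetes|hypertension|HIV)\b", re.I),
}
# Hypothetical policy: minimum trust level required to see each entity type.
REQUIRED_TRUST = {"EMAIL": 1, "DIAGNOSIS": 2, "SSN": 3}
# Hypothetical RBAC baseline per role.
ROLE_TRUST = {"public": 0, "staff": 1, "clinician": 2, "compliance": 3}

@dataclass
class TrustProfile:
    """User Trust Profiling: RBAC role plus ABAC attributes (e.g. MFA status)."""
    role: str
    attributes: dict = field(default_factory=dict)

    def trust_level(self) -> int:
        level = ROLE_TRUST.get(self.role, 0)
        # ABAC adjustment (assumed rule): sessions without MFA are capped at level 1.
        if not self.attributes.get("mfa", False):
            level = min(level, 1)
        return level

def detect_sensitive(text: str):
    """Return (start, end, entity_type) spans sorted by position."""
    spans = [(m.start(), m.end(), etype)
             for etype, pat in PATTERNS.items() for m in pat.finditer(text)]
    return sorted(spans)

def adaptive_output(text: str, profile: TrustProfile):
    """Adaptive Output Control: disclose or redact each span by trust level.
    Returns (controlled_text, disclosed_types, redacted_types)."""
    level = profile.trust_level()
    out, last, disclosed, redacted = [], 0, [], []
    for start, end, etype in detect_sensitive(text):
        out.append(text[last:start])
        if level >= REQUIRED_TRUST[etype]:
            out.append(text[start:end]); disclosed.append(etype)
        else:
            out.append(f"[{etype} REDACTED]"); redacted.append(etype)
        last = end
    out.append(text[last:])
    return "".join(out), disclosed, redacted

# Constructed sample model output containing three sensitive entities.
SAMPLE = "Patient John (john.doe@example.org, SSN 123-45-6789) has diabetes."

if __name__ == "__main__":
    for prof in (TrustProfile("public"), TrustProfile("clinician", {"mfa": True})):
        print(prof.role, "->", adaptive_output(SAMPLE, prof)[0])
```

The same gate would sit between the model and the response channel in a deployment, with the disclosed/redacted lists feeding an audit log so that policy decisions remain reviewable.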
