Automating Access: LLM-Based Permission Request Processing for the Enterprise
摘要
Every day, across a wide range of industries, companies must adapt employee access profiles to reflect changes in authorization requirements. A key challenge lies in translating the needs of an employee to a technical authorization concept. Due to the rise of generative AI, it makes sense to consider Large Language Models (LLMs) for processing permission requests. This is especially relevant in large-scale access control environments, where the high number of permissions and roles makes oversight difficult for human administrators. Thus, in this contribution, we conduct quantitative research and test whether LLMs are suitable for permission request processing. We find that when embedding an access control document, an LLM performs quite well when translating a permission request into the required permission but struggles with suggesting a suitable role. We show that instead of using an LLM for both permission and role suggestions, it is more efficient to apply a hybrid approach, and first apply an LLM-based permission translation and then algorithmically search for a role that contains the translated permission.